General
-
Target
16f8607579e12a0f42f2a3a7b06dab7d8343e14241ac3ebcde0d2fbc7038b080
-
Size
567KB
-
Sample
241111-cx5e2s1cmg
-
MD5
eb68964cc0ca898c559c2fec2ceb7725
-
SHA1
c0ba871ebc833a59a8818d079e2fe0bf705b08e2
-
SHA256
16f8607579e12a0f42f2a3a7b06dab7d8343e14241ac3ebcde0d2fbc7038b080
-
SHA512
befc97e3bebb3b8204138f083d36d69d9ba3aaa2e1b3d2ef8bfe4880717ef008e4799a0f00a6f17dd7ea086618c386351e4d6f20a73f049a813cf57bd2e6f6ce
-
SSDEEP
12288:UMr8y90opwadFEJy/0SW7TOA83uFT1Z/HNwjVNMTO:QyVpDd5/9IL83yT1ZwVKTO
Static task
static1
Behavioral task
behavioral1
Sample
16f8607579e12a0f42f2a3a7b06dab7d8343e14241ac3ebcde0d2fbc7038b080.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
-
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
Target
16f8607579e12a0f42f2a3a7b06dab7d8343e14241ac3ebcde0d2fbc7038b080
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application