General
-
Target
a9ec01b513a51b8d0048fa17cb29a35a0c5831046e8c5a0f604694c959d6b976
-
Size
838KB
-
Sample
241111-df49ds1gqa
-
MD5
78dec5dc8a1a8b32a3d636f07f2d8c14
-
SHA1
28e13b482ee1fa32f630f138dfa57020856a02e3
-
SHA256
a9ec01b513a51b8d0048fa17cb29a35a0c5831046e8c5a0f604694c959d6b976
-
SHA512
da09ea3ea7e5fcd84db46d71e7b1ef88092e70470cfc4646231a0221bac45caa7e5ca8eeac4adbca3a7d6a623fcbfbfe81423f7d346b863430c6fbfe75eee6b6
-
SSDEEP
24576:zyVBG7AJG0dDsj0WUaCcIWoBsre9dG43A833:GjxG0dDGFIWoBsrea4wq
Static task
static1
Behavioral task
behavioral1
Sample
a9ec01b513a51b8d0048fa17cb29a35a0c5831046e8c5a0f604694c959d6b976.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
romik
193.233.20.12:4132
-
auth_value
8fb78d2889ba0ca42678b59b884e88ff
Targets
-
-
Target
a9ec01b513a51b8d0048fa17cb29a35a0c5831046e8c5a0f604694c959d6b976
-
Size
838KB
-
MD5
78dec5dc8a1a8b32a3d636f07f2d8c14
-
SHA1
28e13b482ee1fa32f630f138dfa57020856a02e3
-
SHA256
a9ec01b513a51b8d0048fa17cb29a35a0c5831046e8c5a0f604694c959d6b976
-
SHA512
da09ea3ea7e5fcd84db46d71e7b1ef88092e70470cfc4646231a0221bac45caa7e5ca8eeac4adbca3a7d6a623fcbfbfe81423f7d346b863430c6fbfe75eee6b6
-
SSDEEP
24576:zyVBG7AJG0dDsj0WUaCcIWoBsre9dG43A833:GjxG0dDGFIWoBsrea4wq
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-