General
-
Target
5526514e5ba93d17e9f4d87cb5138b8df96e37e66c4cb92257e66b23fb5f0fc2
-
Size
759KB
-
Sample
241111-dxhfys1lbz
-
MD5
0afdc095dc27f089072f887a1c24114b
-
SHA1
4b8bd77ee4a4e02179e99fd91b451e03cc1e271a
-
SHA256
5526514e5ba93d17e9f4d87cb5138b8df96e37e66c4cb92257e66b23fb5f0fc2
-
SHA512
d470fd46e8b12b093e4614c1ceaf3f7fd54e872453d6b7690c0a7ab92c7637e38fb053072b5bae7748fb3ac41e361c970ce040ac985f8ce821cafd82c2a3c89a
-
SSDEEP
12288:MMr7y90DGowVazxLyJoRqvmdYzdLJVHaDMghoATwAITPsQae6uYBt2GbiZ:nyMAVapRm35LJNrgRTIsTpbiZ
Static task
static1
Behavioral task
behavioral1
Sample
5526514e5ba93d17e9f4d87cb5138b8df96e37e66c4cb92257e66b23fb5f0fc2.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
romik
193.233.20.12:4132
-
auth_value
8fb78d2889ba0ca42678b59b884e88ff
Targets
-
-
Target
5526514e5ba93d17e9f4d87cb5138b8df96e37e66c4cb92257e66b23fb5f0fc2
-
Size
759KB
-
MD5
0afdc095dc27f089072f887a1c24114b
-
SHA1
4b8bd77ee4a4e02179e99fd91b451e03cc1e271a
-
SHA256
5526514e5ba93d17e9f4d87cb5138b8df96e37e66c4cb92257e66b23fb5f0fc2
-
SHA512
d470fd46e8b12b093e4614c1ceaf3f7fd54e872453d6b7690c0a7ab92c7637e38fb053072b5bae7748fb3ac41e361c970ce040ac985f8ce821cafd82c2a3c89a
-
SSDEEP
12288:MMr7y90DGowVazxLyJoRqvmdYzdLJVHaDMghoATwAITPsQae6uYBt2GbiZ:nyMAVapRm35LJNrgRTIsTpbiZ
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-