General
-
Target
e075500210dfba6f1b4575a42d257028c9a262f0befe38bb14ccc816ffc88779
-
Size
782KB
-
Sample
241111-ej6r3a1qdw
-
MD5
df9aed1485ac9cb6a3ab7bdac561ff8a
-
SHA1
b00fd141f08cc04b0268a08b27fefee1381205ee
-
SHA256
e075500210dfba6f1b4575a42d257028c9a262f0befe38bb14ccc816ffc88779
-
SHA512
6957dfb3971c9c27fb0f12d0c5af0fbe0006afb2ba61e33236be0b99be0bfa36e1c067b71cfdbbe8f3cda3b5e7ec8ed9646d0f4c53fbe23936c919b3817304cc
-
SSDEEP
24576:Ty1rSYgVGdR4sKc/6IPtXgaysYO7BRzwZwpdx/Mbvku:m1rSlAXHJ/TpHRYO7z2wpdsk
Static task
static1
Behavioral task
behavioral1
Sample
e075500210dfba6f1b4575a42d257028c9a262f0befe38bb14ccc816ffc88779.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
romik
193.233.20.12:4132
-
auth_value
8fb78d2889ba0ca42678b59b884e88ff
Targets
Target
e075500210dfba6f1b4575a42d257028c9a262f0befe38bb14ccc816ffc88779
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-