General
-
Target
f6f302adb342a35106b9f365d177e470ff2fcf426b3423843b8c45579d9cff28
-
Size
654KB
-
Sample
241111-fvhp2ssphs
-
MD5
d5e01c5b8c8dbf6ae490a87224c30485
-
SHA1
4116d992a834c3716f4ad48c1747c0a096c6bf59
-
SHA256
f6f302adb342a35106b9f365d177e470ff2fcf426b3423843b8c45579d9cff28
-
SHA512
5e43c915cc08dd10b9ab6c5fdebbf229ad9fc35552c4c6cc19abad4b07bdd9d1b2e7d7fbe8c727609dd5ee7e602997f7ac5649e78da5bbd592d1107965d2163e
-
SSDEEP
12288:GMrjy908NFq5JypVQQmE4cUPP5KeCaokR3r9kh4pKpjiPttPfIr4CF:dyfNFq58p/nlUPP5dpxRTCjGttPfI0CF
Static task
static1
Behavioral task
behavioral1
Sample
f6f302adb342a35106b9f365d177e470ff2fcf426b3423843b8c45579d9cff28.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
romik
193.233.20.12:4132
-
auth_value
8fb78d2889ba0ca42678b59b884e88ff
Targets
-
-
Target
f6f302adb342a35106b9f365d177e470ff2fcf426b3423843b8c45579d9cff28
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-