General
-
Target
8aef0b80dc3230f4fb62afd18ec236a420f401861da90bc0e12ce4e5689d8328
-
Size
431KB
-
Sample
241111-ggn6catkcx
-
MD5
12ea9f733d2c5c237beebd09760c58c0
-
SHA1
a51afb750a74b84d5c86bd7a646195bdc507c508
-
SHA256
8aef0b80dc3230f4fb62afd18ec236a420f401861da90bc0e12ce4e5689d8328
-
SHA512
6b5e493729912c0a1e901eb7e07048280ea8bb16a2313f68949e91bb10af6da19f621ceb3a9fe8a7776ede061dcad16a9ab8f57fffe7bfbd7a4a513829feb382
-
SSDEEP
6144:K+y+bnr+1p0yN90QEJooBH8o9+vzM8Fc5Nx61gyyQ2RolKBKODe64ru:KMrty90wvn1gyyQWqUKjK
Static task
static1
Behavioral task
behavioral1
Sample
8aef0b80dc3230f4fb62afd18ec236a420f401861da90bc0e12ce4e5689d8328.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ramon
193.233.20.23:4123
-
auth_value
3197576965d9513f115338c233015b40
Targets
-
-
Target
8aef0b80dc3230f4fb62afd18ec236a420f401861da90bc0e12ce4e5689d8328
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-