General
-
Target
c257410e48e26409e9cc1462ca63ab856fd00c5dfed58332ab63d7a654c08049.exe
-
Size
439KB
-
Sample
241111-gm1rbstkhw
-
MD5
16c9ddb6fd6d14f638e44e12d0936f45
-
SHA1
379268e38c93405fefbd2b51d94fc538a76c80a4
-
SHA256
c257410e48e26409e9cc1462ca63ab856fd00c5dfed58332ab63d7a654c08049
-
SHA512
7aa0e5bad9bd5d502d6308f4365e37db63ecb5af449259ca5d2978edf56235b2e09836250f5092d54f2dca5816b2199ef3a0512c89bfa8e0e58473176a37bec7
-
SSDEEP
6144:KMy+bnr+np0yN90QE4FMQ/0Yg+of0zQA5qjGBwv8QIlGWc8HxXDsyhR3H5CTiKaE:cMrzy90OqYLzf5kGBwRIlGWLZHsTMI/
Static task
static1
Behavioral task
behavioral1
Sample
c257410e48e26409e9cc1462ca63ab856fd00c5dfed58332ab63d7a654c08049.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
-
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
-
Target
c257410e48e26409e9cc1462ca63ab856fd00c5dfed58332ab63d7a654c08049.exe
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-