General
-
Target
4ae1e7bb26eaacaa84a2fa49f378d55d8f8f282775973699fa920d9268781aeb
-
Size
440KB
-
Sample
241111-gtqvpsvcre
-
MD5
1dd1aee8534ce430b1acd3d248d43925
-
SHA1
e9fe4e3fb09a4c507910f16891a979e20bbb726f
-
SHA256
4ae1e7bb26eaacaa84a2fa49f378d55d8f8f282775973699fa920d9268781aeb
-
SHA512
ef6462b7c5996c93dfe5d813b1e9b629125e9d3df33aa086d2aab49f75dfdcdda4fcbc0993ed35feffd2ce1cc4a9f1a7ba48ce36dc52eca3c1852bc4eaa9270e
-
SSDEEP
12288:7MrEy90XzgZ084FsIRmx9Efhqu5pDlCktkosWxEnc2Qt+si:fyw+UFsopfozktFsWxEnSPi
Static task
static1
Behavioral task
behavioral1
Sample
4ae1e7bb26eaacaa84a2fa49f378d55d8f8f282775973699fa920d9268781aeb.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
-
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
-
-
Target
4ae1e7bb26eaacaa84a2fa49f378d55d8f8f282775973699fa920d9268781aeb
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-