General
-
Target
28f580286193191681abdd3e9c3c3222ffaa5d7bed609337951b308ee10a7e20
-
Size
837KB
-
Sample
241111-hepjrsvgka
-
MD5
eda43b32a55651f23b9169b54e3ba01b
-
SHA1
d693c68c8c8444a20f06e3702e3be8d3b70c24ec
-
SHA256
28f580286193191681abdd3e9c3c3222ffaa5d7bed609337951b308ee10a7e20
-
SHA512
5d54490841b38bf2456c7944524f8d22f69d3314b9901763adc43cd0e8e624be1ffea75b7dcb9bef3c352dd4c0b9762c9578a468acf22907b164c5ff0826a292
-
SSDEEP
24576:4yP/vGRed32fJERDdV6JWKmJgudgfP2TMut/oMiQ:/PcU3JTK1jAt
Static task
static1
Behavioral task
behavioral1
Sample
28f580286193191681abdd3e9c3c3222ffaa5d7bed609337951b308ee10a7e20.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
romik
193.233.20.12:4132
-
auth_value
8fb78d2889ba0ca42678b59b884e88ff
Targets
-
-
Target
28f580286193191681abdd3e9c3c3222ffaa5d7bed609337951b308ee10a7e20
-
Size
837KB
-
MD5
eda43b32a55651f23b9169b54e3ba01b
-
SHA1
d693c68c8c8444a20f06e3702e3be8d3b70c24ec
-
SHA256
28f580286193191681abdd3e9c3c3222ffaa5d7bed609337951b308ee10a7e20
-
SHA512
5d54490841b38bf2456c7944524f8d22f69d3314b9901763adc43cd0e8e624be1ffea75b7dcb9bef3c352dd4c0b9762c9578a468acf22907b164c5ff0826a292
-
SSDEEP
24576:4yP/vGRed32fJERDdV6JWKmJgudgfP2TMut/oMiQ:/PcU3JTK1jAt
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-