General
Target: ec87647a1800a44a56f871c738ff80826a1ae8c7ec33141961936e1195c791dc
Size: 424KB
Sample: 241111-hr38paymbl
MD5: 29c8ee0dbda02cc09b2646f7d075bc21
SHA1: 77100c912eb4f9d9dde0cab07259a0d236bb606e
SHA256: ec87647a1800a44a56f871c738ff80826a1ae8c7ec33141961936e1195c791dc
SHA512: 0006cd64e3b83344daddc4169635a22b482849c204f79ac555e0085b56c6b7c23709f48e2c101dac2c518b3232844dbafcc1d101791b0f77f488aa63573db941
SSDEEP: 6144:Ksy+bnr+ap0yN90QEgAVAgAwghnB9Evdg+h8rc5QZEvp1mepkboJ9fIG7ZSP:0MrOy90aIAwVVg68rcyZakboHIGm
Static task: static1
Behavioral task: behavioral1
Sample: ec87647a1800a44a56f871c738ff80826a1ae8c7ec33141961936e1195c791dc.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
auth_value: f88f86755a528d4b25f6f3628c460965
Targets
Target: ec87647a1800a44a56f871c738ff80826a1ae8c7ec33141961936e1195c791dc
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application