General
-
Target
1e013b3a03d46f894a2cee3ee05ae5de6b85d8aa6983e26017f0484c99731645
-
Size
591KB
-
Sample
241112-y1cp4azgqe
-
MD5
8ceb4f8ec221f4003d71a0e60ac5ebb2
-
SHA1
81d39a9cbc66091a436e3b2ed012063c8479aa9a
-
SHA256
1e013b3a03d46f894a2cee3ee05ae5de6b85d8aa6983e26017f0484c99731645
-
SHA512
cef34b5594a60e1df6d63b60644042a016fb128ad821e87f277e16a1aedebf148a553b0911486a0ba86445756b652f0269a5b8fe7c372d7c807d6b492ae44866
-
SSDEEP
12288:qMrqy90G6o1nhsI4PGZWg8tK3vX8KgApKHwLLf7lLGgiHA7Si:UyH6oll4+ctEUAAmf7lLGbHmJ
Static task
static1
Behavioral task
behavioral1
Sample
1e013b3a03d46f894a2cee3ee05ae5de6b85d8aa6983e26017f0484c99731645.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronam
193.233.20.17:4139
-
auth_value
125421d19d14dd7fd211bc7f6d4aea6c
Targets
-
Target
1e013b3a03d46f894a2cee3ee05ae5de6b85d8aa6983e26017f0484c99731645
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-