General
-
Target
22c1a63a7205d1da40b89afd71679c06d8d0ba66649afe47278e84a1380f8f88
-
Size
770KB
-
Sample
241112-y76azs1bjm
-
MD5
08e8eec9d15a07a52716e6bb6cdca10a
-
SHA1
c3d50ceb23a04c0d9ff86003ab6419a29487ea1c
-
SHA256
22c1a63a7205d1da40b89afd71679c06d8d0ba66649afe47278e84a1380f8f88
-
SHA512
dae940e7f76086df608df3db950f025f4b67a224b618f0c0eadf94be06e7cc00c4bd5b4eae38fe233c8fd00a0064e9e583639f3cd55e21c40a97f2faaf1f1dfa
-
SSDEEP
12288:oMrHy90/c+Cd7zpfWMG9beaB3a6mV8v4M+H8PC6dUAB4Lebplah3TuCOB:vyIYRxWMajwV3tH8PTiLRtTGB
Static task
static1
Behavioral task
behavioral1
Sample
22c1a63a7205d1da40b89afd71679c06d8d0ba66649afe47278e84a1380f8f88.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
romik
193.233.20.12:4132
-
auth_value
8fb78d2889ba0ca42678b59b884e88ff
Targets
-
-
Target
22c1a63a7205d1da40b89afd71679c06d8d0ba66649afe47278e84a1380f8f88
-
Size
770KB
-
MD5
08e8eec9d15a07a52716e6bb6cdca10a
-
SHA1
c3d50ceb23a04c0d9ff86003ab6419a29487ea1c
-
SHA256
22c1a63a7205d1da40b89afd71679c06d8d0ba66649afe47278e84a1380f8f88
-
SHA512
dae940e7f76086df608df3db950f025f4b67a224b618f0c0eadf94be06e7cc00c4bd5b4eae38fe233c8fd00a0064e9e583639f3cd55e21c40a97f2faaf1f1dfa
-
SSDEEP
12288:oMrHy90/c+Cd7zpfWMG9beaB3a6mV8v4M+H8PC6dUAB4Lebplah3TuCOB:vyIYRxWMajwV3tH8PTiLRtTGB
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-