General
Target: 6c6f3604eeb75ea01edd289c9283861b5de3ff0fa854d639b62cbb4f5aa4e315.exe
Size: 583KB
Sample: 241112-y9p2sazkas
MD5: 44e23169abca2b0d1bceb28d81449ab6
SHA1: 6e2fff4bfa0fa01db1c8f3d391c0a197e0936425
SHA256: 6c6f3604eeb75ea01edd289c9283861b5de3ff0fa854d639b62cbb4f5aa4e315
SHA512: 54c56becd95f1e4a5b705759eab1acf44b096d8efd8e9be288e56edda2c518411b83bf23fc28d4b7c14f95bbd7b62c2aa2f7841b1f0e8d80431b65338a2d7747
SSDEEP: 12288:NMrZy90NG6HXArt9oaP6UGFaCYpD4QrkfTmYEeaJ2p:QyYfwXoo610aQr8xfaop
Static task: static1
Behavioral task: behavioral1
Sample: 6c6f3604eeb75ea01edd289c9283861b5de3ff0fa854d639b62cbb4f5aa4e315.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
ronam
193.233.20.17:4139
auth_value: 125421d19d14dd7fd211bc7f6d4aea6c
Targets
Target: 6c6f3604eeb75ea01edd289c9283861b5de3ff0fa854d639b62cbb4f5aa4e315.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application