General
-
Target
434535fe53dad8e0b2503ef95997e476532b29c7a091f93e6be3d218fb6e2a1a.exe
-
Size
749KB
-
Sample
241122-rzrpassnav
-
MD5
82330d3139d30c614cfc3af3d92a25a0
-
SHA1
1cd6ac281e0b834305dc9811fe275a3563b858e5
-
SHA256
434535fe53dad8e0b2503ef95997e476532b29c7a091f93e6be3d218fb6e2a1a
-
SHA512
ac240819ca109c3d91ac4d631f147bee2e3575c2e05d0e57f5345ecf08f389c10dfb0ffdc554f43c5f282a2f5bafef600df5e6e9f1a9e823f03a178ed6e9d725
-
SSDEEP
12288:OMrEy90iIdX8fZO30Uwh9c/rTA/Iw9VRHZX7H1Qv+Jv9RxPAaCReJKnsyNk5:uytI9iZU0UKUwHp7ajR3syNk5
Static task
static1
Behavioral task
behavioral1
Sample
434535fe53dad8e0b2503ef95997e476532b29c7a091f93e6be3d218fb6e2a1a.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
doma
185.161.248.75:4132
-
auth_value
8be53af7f78567706928d0abef953ef4
Targets
-
Target
434535fe53dad8e0b2503ef95997e476532b29c7a091f93e6be3d218fb6e2a1a.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-