General
-
Target
a299032783c88dab7cdf4b36b26ee3caf35b9b629e8140cdbb022ab7eabf151a
-
Size
572KB
-
Sample
230703-qd933sge36
-
MD5
12564dba5b3178c75a6a96a582f94c5b
-
SHA1
003817ee6dac145edf947b062bc9b25653d32613
-
SHA256
a299032783c88dab7cdf4b36b26ee3caf35b9b629e8140cdbb022ab7eabf151a
-
SHA512
5402ce66c56b8612887a1f28e1f5bf695867b1993d61b8d2d03c01d8c01fb1f270b101e85358c65ed27fc7f037f780b1290cac010c107f8339e3393e3157e5b9
-
SSDEEP
12288:PMrcy90ic73VvlgFq5RMdM3pxSu2TaQIXpQSIimiD:3ynitggNZI3KdIx8
Static task
static1
Behavioral task
behavioral1
Sample
a299032783c88dab7cdf4b36b26ee3caf35b9b629e8140cdbb022ab7eabf151a.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
a299032783c88dab7cdf4b36b26ee3caf35b9b629e8140cdbb022ab7eabf151a.exe
Resource
win10v2004-20230621-en
Malware Config
Extracted
redline
duza
83.97.73.129:19071
-
auth_value
787a4e3bbc78fd525526de1098cb0621
Targets
-
-
Target
a299032783c88dab7cdf4b36b26ee3caf35b9b629e8140cdbb022ab7eabf151a
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-