General
Target: fed47748feef9d2cbf9931839fe07af550cb90ed48c490a879be4adb51b3708f
Size: 656KB
Sample: 211109-qcaa3acdcj
MD5: 7f5bad42bcc1b251f3413f2c866f6a25
SHA1: e0f85efa28cf9182b58efd4e2fb24688157d99a5
SHA256: fed47748feef9d2cbf9931839fe07af550cb90ed48c490a879be4adb51b3708f
SHA512: 03504466ebb07d4c69d29fdd5a2ca77053b00530c88ba970d95b651a52f61502fedfca6702af7ddcc4037446da070308ea3418fecf5e6777cbdb5c186dfea056
Static task: static1
Behavioral task: behavioral1
Sample: fed47748feef9d2cbf9931839fe07af550cb90ed48c490a879be4adb51b3708f.exe
Resource: win10-en-20211014

Malware Config
Extracted
Family: redline
Botnet: 09.11
C2: 185.215.113.17:7700
Targets
Target: fed47748feef9d2cbf9931839fe07af550cb90ed48c490a879be4adb51b3708f
Size: 656KB
MD5: 7f5bad42bcc1b251f3413f2c866f6a25
SHA1: e0f85efa28cf9182b58efd4e2fb24688157d99a5
SHA256: fed47748feef9d2cbf9931839fe07af550cb90ed48c490a879be4adb51b3708f
SHA512: 03504466ebb07d4c69d29fdd5a2ca77053b00530c88ba970d95b651a52f61502fedfca6702af7ddcc4037446da070308ea3418fecf5e6777cbdb5c186dfea056
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
RedLine Payload
suricata: ET MALWARE AutoHotkey Downloader Checkin via IPLogger
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
Downloads MZ/PE file
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2