General
Target: 4d8309e61b643087a4e16416bc5be07330a82fdf7e8e6b81baa2656fd9ba58e9
Size: 655KB
Sample: 211109-rdjrkacdfq
MD5: 7b8ff8330de56d82144f559512ef59cd
SHA1: 791902ec9541ae39a06cf57885b16d13d4146cdc
SHA256: 4d8309e61b643087a4e16416bc5be07330a82fdf7e8e6b81baa2656fd9ba58e9
SHA512: 2edc7b2650ad26abf5af4165e5ac2392a0e992737c80c528844689fde6a49d21428079c8eb877b5b504ae97ed0496517c6c47ca6c4db838058849c3aef8d9c66
Static task: static1
Behavioral task: behavioral1
Sample: 4d8309e61b643087a4e16416bc5be07330a82fdf7e8e6b81baa2656fd9ba58e9.exe
Resource: win10-en-20211104
Malware Config
Extracted
redline
09.11
185.215.113.17:7700
Targets
Target: 4d8309e61b643087a4e16416bc5be07330a82fdf7e8e6b81baa2656fd9ba58e9
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
suricata: ET MALWARE AutoHotkey Downloader Checkin via IPLogger
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
Downloads MZ/PE file
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2