General

Target: bd9ee450aa4fd47c557c553b3281c114670999aefa1be7df0f47f4ca262f6dbc
Size: 715KB
Sample: 220129-dnqe7sbfem
MD5: f68b48a73bd819edeb90c901b46afd0e
SHA1: 0e789944268ec3e8a7991c61af491884a770d062
SHA256: bd9ee450aa4fd47c557c553b3281c114670999aefa1be7df0f47f4ca262f6dbc
SHA512: 139d4d1185abdaf3eddf951e1aafa828428e76694aa12aa58c724d566180877fe8c81fbbabdae4f49cb04a24152a4fb53f09acd55daa2bddf5d6d4afe6d774bd

Static task: static1
Behavioral task: behavioral1
Sample: bd9ee450aa4fd47c557c553b3281c114670999aefa1be7df0f47f4ca262f6dbc.exe
Resource: win10-en-20211208

Malware Config

Extracted
Family: redline
Botnet ID: mix29.01
C2: 185.215.113.70:21508
Targets

Target: bd9ee450aa4fd47c557c553b3281c114670999aefa1be7df0f47f4ca262f6dbc
Size: 715KB
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
- RedLine Payload
- suricata: ET MALWARE AutoHotkey Downloader Checkin via IPLogger
- suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
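The indicators above (the four file digests and the extracted C2 endpoint) are the parts of this report a responder would actually act on. The script below is an added example, not part of the sandbox report and not RedLine code: it rebuilds the same digest set so a local file can be compared against the report, checks a fetched blob for an MZ/PE image (the condition behind the "Downloads MZ/PE file" signature), and scans connection log lines for the extracted C2. The hashes and the C2 address are copied from the report; the PE-shaped byte string and the log lines are constructed for illustration and are not the real sample or real traffic.

```python
"""Hunting helpers built from the indicators in this RedLine report.

Added example, not part of the report. Digests and C2 are from the report;
FAKE_PE and SAMPLE_LOG are CONSTRUCTED test data, not real artifacts.
"""
import hashlib
import re
from typing import Dict, List

# Indicators copied verbatim from the report.
REPORT_HASHES = {
    "md5": "f68b48a73bd819edeb90c901b46afd0e",
    "sha1": "0e789944268ec3e8a7991c61af491884a770d062",
    "sha256": "bd9ee450aa4fd47c557c553b3281c114670999aefa1be7df0f47f4ca262f6dbc",
    "sha512": "139d4d1185abdaf3eddf951e1aafa828428e76694aa12aa58c724d566180877fe"
              "8c81fbbabdae4f49cb04a24152a4fb53f09acd55daa2bddf5d6d4afe6d774bd",
}
C2_HOST, C2_PORT = "185.215.113.70", 21508


def file_hashes(data: bytes) -> Dict[str, str]:
    """Compute the same four digests the report lists for a local file."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes) -> bool:
    """True only if every digest matches; any mismatch means a different file."""
    return file_hashes(data) == REPORT_HASHES


def is_pe(data: bytes) -> bool:
    """Return True if data looks like a Windows PE image.

    Checks the 'MZ' DOS magic, then follows e_lfanew (offset 0x3C) to the
    'PE\\0\\0' signature. This is the structural test behind a
    'Downloads MZ/PE file' verdict on a fetched blob.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


# Constructed minimal PE-shaped blob: MZ header, e_lfanew = 0x40, PE signature.
FAKE_PE = b"MZ" + b"\x00" * (0x3C - 2) + (0x40).to_bytes(4, "little") + b"PE\x00\x00"

# Constructed proxy/flow log lines in a hypothetical "dst=ip:port" format.
SAMPLE_LOG = [
    "2022-01-29T10:00:01 proxy src=10.0.0.5:50213 dst=185.215.113.70:21508 proto=tcp",
    "2022-01-29T10:00:02 proxy src=10.0.0.5:50214 dst=93.184.216.34:443 proto=tcp",
    "2022-01-29T10:00:03 proxy src=10.0.0.7:50215 dst=185.215.113.70:80 proto=tcp",
]

CONN_RE = re.compile(r"dst=(?P<ip>\d+(?:\.\d+){3}):(?P<port>\d+)")


def find_c2_connections(log_lines: List[str], require_port: bool = True) -> List[str]:
    """Return log lines whose destination is the extracted C2.

    With require_port=True only the exact ip:port from the config matches;
    with require_port=False any connection to the C2 host is returned, which
    is useful when the operator rotates ports on the same server.
    """
    hits = []
    for line in log_lines:
        m = CONN_RE.search(line)
        if not m or m.group("ip") != C2_HOST:
            continue
        if require_port and int(m.group("port")) != C2_PORT:
            continue
        hits.append(line)
    return hits


if __name__ == "__main__":
    print("fake blob matches report:", matches_report(FAKE_PE))
    print("fake blob is PE:", is_pe(FAKE_PE))
    for hit in find_c2_connections(SAMPLE_LOG, require_port=False):
        print("C2 contact:", hit)
```

Run `matches_report` on a suspect file before trusting a name-based match, since a 715KB RedLine loader is typically repacked per campaign and only the digests tie a file to this exact report; the host-only mode of `find_c2_connections` is the one to use for retrospective hunting, because the botnet port is a per-build setting and 185.215.113.70 may serve other builds on other ports.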