General
-
Target
8af4dded3d07dddf19d216bbcfd48d9a926407757a67903d0b901cbf03c64537
-
Size
290KB
-
Sample
220929-evpypahgc4
-
MD5
2c6b5d22740b0aa6d1cd4a6720117246
-
SHA1
d2227060929b88f8a16b2fec50318c12ca899a27
-
SHA256
8af4dded3d07dddf19d216bbcfd48d9a926407757a67903d0b901cbf03c64537
-
SHA512
23e099f476a74cfee4767676b2cd287518898abdc2d73fb596b32e83838c2b6e7a09029b85d17e8e49c9d76c2a230e4959a2925a984c7104cb41c8594d9e78b1
-
SSDEEP
6144:zYfBgeMRrKsW3towlz877/ciz7CV0RwwVfgI:zVRr23mV0aCuRk
Static task
static1
Malware Config
Extracted
danabot
-
embedded_hash
6618C163D57D6441FCCA65D86C4D380D
-
type
loader
Extracted
redline
insmix
jamesmillion2.xyz:9420
-
auth_value
f388a05524f756108c9e4b0f4c4bafb6
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Deletes itself
-