General
-
Target
dcfbae871db8ad6928e112015a35d6a7
-
Size
449KB
-
Sample
231220-s74t9sdhf7
-
MD5
dcfbae871db8ad6928e112015a35d6a7
-
SHA1
39bf14ddfa186c6d46368c0d3cd3bf1b5d1b39cd
-
SHA256
3e82398f9f9a2f7da0824127d41b97fe03e886f33b6f725689b4c68217e453f1
-
SHA512
af8dd8049cea5e48535c31ad87af006a1e6df624e4db44e0ba0685e2e6e94fd0b547ddf07fbd492df2c2da32e8c02714e1be079e807d891c8fd59895e8379224
-
SSDEEP
12288:yhL9rECFGOxhDCo3Gd9gEybyekMYGb0ELa8dLmdeNPH+:yrbog5Co2b/cyeki0ELPmI
Static task
static1
Behavioral task
behavioral1
Sample
dcfbae871db8ad6928e112015a35d6a7.exe
Resource
win7-20231215-en
Malware Config
Extracted
redline
paladin
178.63.26.132:29795
-
auth_value
f27db372188045eefdf974196ead3dae
Targets
-
-
Target
dcfbae871db8ad6928e112015a35d6a7
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-