General
Target: 2dc4a356558b229e53998e6c114b3697aa1cf08f3da6122b2d3c5b01c9790414
Size: 479KB
Sample: 241030-1ylakatkfm
MD5: e821de3920101930f276babb770be5d9
SHA1: 946be878107032eea4d9d487e6689bf60b421eba
SHA256: 2dc4a356558b229e53998e6c114b3697aa1cf08f3da6122b2d3c5b01c9790414
SHA512: 43eee2b89a56e8d1db9d07ca1e73dedd34642273bc6dd528284fe1cde5c98436dd193ac82e5eec210ed203e238a80ce36737496ada192e373c912503882ac82b
SSDEEP: 12288:8Mr4y90IFnDSTEnL0kJmCNqN2cFVwcBw8g:EyPFIk7qEcFec7g
Static task: static1
Behavioral task: behavioral1
Sample: 2dc4a356558b229e53998e6c114b3697aa1cf08f3da6122b2d3c5b01c9790414.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
diwer
217.196.96.101:4132
auth_value: 42abfa9e4f2e290c8bdbc776fd9bb6ad
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application