General
Target: 25676f49140cc80fd97ff368ece03ac4b4f96dd87ee0c764cddcd0125c68f509
Size: 730KB
Sample: 241104-ssvcaaselj
MD5: 0da7ed8f28f48a1fbe9fc286fe8bc565
SHA1: d9bb3aab9fe0edc0e239140b070f92abe5a48750
SHA256: 25676f49140cc80fd97ff368ece03ac4b4f96dd87ee0c764cddcd0125c68f509
SHA512: 8c9e4e65e2d5b1d67b9b74917df80dd0715577ced7acff922081a5db91469f634b8ea18a2d720c363334d91e9f8393f071e844d9a9c425cea9812545fa878d1e
SSDEEP: 12288:GMrcy903rFz6myoIqJ5toKnbtQ9oIpgyCSUDbMrPbzUk8YzAU/cv/xC8Br7z:SyK5Xy/qPlWoIpgFSUDbIPX9YicRCsv
Static task: static1
Behavioral task: behavioral1
Sample: 25676f49140cc80fd97ff368ece03ac4b4f96dd87ee0c764cddcd0125c68f509.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
dars
83.97.73.127:19045
auth_value: 7cd208e6b6c927262304d5d4d88647fd
Targets
Target: 25676f49140cc80fd97ff368ece03ac4b4f96dd87ee0c764cddcd0125c68f509
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application