General
-
Target
171ae43a442d2d13dfb87289b7f8606c22499d9c4a6cf8cba4b19a68b3cb0461
-
Size
588KB
-
Sample
241105-a7rwlazpfy
-
MD5
eda31af148be4a96b3ac857bd595d74e
-
SHA1
462f5ba7c6bba0ccb41101bcf1a5560674887d0f
-
SHA256
171ae43a442d2d13dfb87289b7f8606c22499d9c4a6cf8cba4b19a68b3cb0461
-
SHA512
91997bdc588868a3db04ccbd3bd16a6cf9d58bf4d31393645062b7f6040cbf3a24baf383bc2533742144fc64bb0edae38ead9d4e462b7b85116f2ff8b47812fd
-
SSDEEP
12288:vMrPy90LvdqCgWyJSPRYlq4A1QV6u88WC8TYjhz+xj9m8mumT4eFXxfD:ky6xgWyJSPRyq4MQVj8dC8Ti+nm8Do46
Static task
static1
Behavioral task
behavioral1
Sample
171ae43a442d2d13dfb87289b7f8606c22499d9c4a6cf8cba4b19a68b3cb0461.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
171ae43a442d2d13dfb87289b7f8606c22499d9c4a6cf8cba4b19a68b3cb0461
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-