General

Target: 5e126caceae53e81b419f007c74e90c4f0e0110db4278e066a1c5d003c65b2af
Size: 567KB
Sample: 241105-ba4pkazqev
MD5: 2518eee5cce73821143c674a63609b46
SHA1: 6aedc9d594991c401aa5323db2640cb94f6220bc
SHA256: 5e126caceae53e81b419f007c74e90c4f0e0110db4278e066a1c5d003c65b2af
SHA512: b1fab3481e1e7ea3a2e985e4996deba42a892cb55efc904e332d761e0d9049a65d2f8e52b7d482c24df6d749f0477b4c2681304a355e1a7b625d697d38d803ef
SSDEEP: 12288:pMr8y90w0CENvJyzOyfYYZUfyq4FSDdcTs1wY9/s6I1:lyCvUzDYYZ+yq4Yjt9/i1
Static task: static1
Behavioral task: behavioral1
Sample: 5e126caceae53e81b419f007c74e90c4f0e0110db4278e066a1c5d003c65b2af.exe
Resource: win10v2004-20241007-en

Malware Config

Extracted: redline
Botnet: daris
C2: 217.196.96.56:4138
auth_value: 3491f24ae0250969cd45ce4b3fe77549
Targets

Target: 5e126caceae53e81b419f007c74e90c4f0e0110db4278e066a1c5d003c65b2af
Size: 567KB
MD5: 2518eee5cce73821143c674a63609b46
SHA1: 6aedc9d594991c401aa5323db2640cb94f6220bc
SHA256: 5e126caceae53e81b419f007c74e90c4f0e0110db4278e066a1c5d003c65b2af
SHA512: b1fab3481e1e7ea3a2e985e4996deba42a892cb55efc904e332d761e0d9049a65d2f8e52b7d482c24df6d749f0477b4c2681304a355e1a7b625d697d38d803ef
SSDEEP: 12288:pMr8y90w0CENvJyzOyfYYZUfyq4FSDdcTs1wY9/s6I1:lyCvUzDYYZ+yq4Yjt9/i1
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application