General
-
Target
59bc9b7fbd5bf8aeb9dbd709946a4f2ef7f579bb20cb499487533852ff575231
-
Size
567KB
-
Sample
241105-bkp9xssarj
-
MD5
111e55c8de984b5a79dc882de60a377c
-
SHA1
62c5c7a05999daeac05138d8055d1fc4b2360f88
-
SHA256
59bc9b7fbd5bf8aeb9dbd709946a4f2ef7f579bb20cb499487533852ff575231
-
SHA512
69bd6474ddc587a96880e5273bcfd09cb4ae397baaa1dec8eac433eeb57348dc043b2d88436991be9a88babeaad532ae91a31c64dd5762f364c0416a4cc18250
-
SSDEEP
12288:nMrTy90Vo7kAN6AfJ0L+XzQH3W5kU038Iz1rf:QysovpzQH3WngB
Static task
static1
Behavioral task
behavioral1
Sample
59bc9b7fbd5bf8aeb9dbd709946a4f2ef7f579bb20cb499487533852ff575231.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
59bc9b7fbd5bf8aeb9dbd709946a4f2ef7f579bb20cb499487533852ff575231
-
Size
567KB
-
MD5
111e55c8de984b5a79dc882de60a377c
-
SHA1
62c5c7a05999daeac05138d8055d1fc4b2360f88
-
SHA256
59bc9b7fbd5bf8aeb9dbd709946a4f2ef7f579bb20cb499487533852ff575231
-
SHA512
69bd6474ddc587a96880e5273bcfd09cb4ae397baaa1dec8eac433eeb57348dc043b2d88436991be9a88babeaad532ae91a31c64dd5762f364c0416a4cc18250
-
SSDEEP
12288:nMrTy90Vo7kAN6AfJ0L+XzQH3W5kU038Iz1rf:QysovpzQH3WngB
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-