General
Target
325d275190fa49e56479b0ec79b081454ffe91c15f30927e8ef6e617cd472e59
Size
588KB
Sample
241105-e8fbeavcma
MD5
2959a24dbd6674e1f2ed7bfdc669b3d6
SHA1
0fb7275aaa7abad8af1604436ec00daed0fde588
SHA256
325d275190fa49e56479b0ec79b081454ffe91c15f30927e8ef6e617cd472e59
SHA512
c44f4bb0baf2720ba2c4dc8907705eba01cf662ac1af489f21983530e7c3456874085f9664f407dc19b8d8da31f30cd4627cae0dfbc4a011a12ce1c612422064
SSDEEP
12288:LMrYV0qS78objfP/vfP/vfP/vf6qaK6qaK6qaK6qaKN9tdN9tdN9tdNdy90QZbh6:GyVxBl9jNOW8wVVsjZG0
Static task
static1
Behavioral task
behavioral1
Sample
325d275190fa49e56479b0ec79b081454ffe91c15f30927e8ef6e617cd472e59.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application