General
-
Target
5f3e5a2d33c925517279d521a8d61f49ef85f95e91ef7f01ee906f2a8b5fa67a
-
Size
587KB
-
Sample
241105-ez5vpsvaqg
-
MD5
1b1fb4f475434601d0a96e864d1b0e9c
-
SHA1
9511c60cf19b161077b063bdb2bcf543893efac6
-
SHA256
5f3e5a2d33c925517279d521a8d61f49ef85f95e91ef7f01ee906f2a8b5fa67a
-
SHA512
359f1c6dc245b8cfa3fbcce743fc3ed3f16eb9fb6658223e28c76e3df4027521227a88de986c64552b0442e871fcb138d079429dafa11faf6a5e7a5bcc360178
-
SSDEEP
12288:nMr3y90zlQD1f2nCJwB2xuMzlYK3Rqg36+3TYX:UyidnWwwPzlYK3wg36UE
Static task
static1
Behavioral task
behavioral1
Sample
5f3e5a2d33c925517279d521a8d61f49ef85f95e91ef7f01ee906f2a8b5fa67a.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
5f3e5a2d33c925517279d521a8d61f49ef85f95e91ef7f01ee906f2a8b5fa67a
-
Size
587KB
-
MD5
1b1fb4f475434601d0a96e864d1b0e9c
-
SHA1
9511c60cf19b161077b063bdb2bcf543893efac6
-
SHA256
5f3e5a2d33c925517279d521a8d61f49ef85f95e91ef7f01ee906f2a8b5fa67a
-
SHA512
359f1c6dc245b8cfa3fbcce743fc3ed3f16eb9fb6658223e28c76e3df4027521227a88de986c64552b0442e871fcb138d079429dafa11faf6a5e7a5bcc360178
-
SSDEEP
12288:nMr3y90zlQD1f2nCJwB2xuMzlYK3Rqg36+3TYX:UyidnWwwPzlYK3wg36UE
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-