General
-
Target
8c787fdfb5c6e934a218c153a8cf2f8c59ccc1875640ece708b3178129ab3871
-
Size
588KB
-
Sample
241105-fwe1jsxqbj
-
MD5
e675f48c52bf9b3f0e1e2ad4f1b70990
-
SHA1
163b61b26a7b25fb55b7b81046d6a4afc834bb50
-
SHA256
8c787fdfb5c6e934a218c153a8cf2f8c59ccc1875640ece708b3178129ab3871
-
SHA512
c175a7362cfba3edaae1b7b81daa2728ad31065a32c24b937d65f53525d80ee3bb663791d597a9b62439dbf16823c448a6aca076a490084fccaa71b61472e2da
-
SSDEEP
12288:5MrRy90KgkS6slFqf3ljEqtBJdzr+jyxaPFoHVLWZT7:UylrS6CIf3l4g5P3aa2X
Static task
static1
Behavioral task
behavioral1
Sample
8c787fdfb5c6e934a218c153a8cf2f8c59ccc1875640ece708b3178129ab3871.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
Target
8c787fdfb5c6e934a218c153a8cf2f8c59ccc1875640ece708b3178129ab3871
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-