General
-
Target
ad899ebc75e725ff8553a27b5c79c99c86867483ddf66a7f76a25d4f1edfd1b4
-
Size
602KB
-
Sample
241106-qqxcratkam
-
MD5
1f47c4d24a14f869aefef7057cbdb578
-
SHA1
5a13c99f8b60e30f0326eb7f4e4780a86b933cb5
-
SHA256
ad899ebc75e725ff8553a27b5c79c99c86867483ddf66a7f76a25d4f1edfd1b4
-
SHA512
ede8fec8ef2ac0bb066089af440c661508357bce72da0159d2edbd1c1266aa6eded8935f6ac2e8f471a1ea3b66a5cebddb481b3b6c55d192ffada9d1b1ae359a
-
SSDEEP
12288:GMr9y90xrOlXM1BmEsYUmdWLNDJ73O67ldawn3j07:DyaOXWOySNDJDXaQ3j07
Static task
static1
Behavioral task
behavioral1
Sample
ad899ebc75e725ff8553a27b5c79c99c86867483ddf66a7f76a25d4f1edfd1b4.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
diza
83.97.73.129:19068
-
auth_value
0d09b419c8bc967f91c68be4a17e92ee
Targets
-
-
Target
ad899ebc75e725ff8553a27b5c79c99c86867483ddf66a7f76a25d4f1edfd1b4
-
Size
602KB
-
MD5
1f47c4d24a14f869aefef7057cbdb578
-
SHA1
5a13c99f8b60e30f0326eb7f4e4780a86b933cb5
-
SHA256
ad899ebc75e725ff8553a27b5c79c99c86867483ddf66a7f76a25d4f1edfd1b4
-
SHA512
ede8fec8ef2ac0bb066089af440c661508357bce72da0159d2edbd1c1266aa6eded8935f6ac2e8f471a1ea3b66a5cebddb481b3b6c55d192ffada9d1b1ae359a
-
SSDEEP
12288:GMr9y90xrOlXM1BmEsYUmdWLNDJ73O67ldawn3j07:DyaOXWOySNDJDXaQ3j07
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-