General
-
Target
f1cb9ecb56a49ec01e79e6aaf46a727472fc1897325b03e64b8cd671c69610e1
-
Size
731KB
-
Sample
241106-w67rbawckr
-
MD5
19dc1eefada8910407fdbcff9827d7dc
-
SHA1
d1e7b491e3a64d779eea2da2f4e4955b2281e71d
-
SHA256
f1cb9ecb56a49ec01e79e6aaf46a727472fc1897325b03e64b8cd671c69610e1
-
SHA512
37fcb201797829355e08285febaacfcd019aee28bf5f4be373d307c3171ab5608a6af01fa8acb636d06560189f4be7f7d86b836642d9b72bc8cada5fb1598cbe
-
SSDEEP
12288:XMrby90xgePriSEXOTKtOXGWPLsKHoMy4m5Td8IkMk0iBFEC:IyFePqXOqOL5m40d9teEC
Static task
static1
Behavioral task
behavioral1
Sample
f1cb9ecb56a49ec01e79e6aaf46a727472fc1897325b03e64b8cd671c69610e1.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
dars
83.97.73.127:19045
-
auth_value
7cd208e6b6c927262304d5d4d88647fd
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-