General
Target: 3f6c7f04e8a82e6477c22ee81ed09af992129675d960526f2f7282581c5df3db
Size: 730KB
Sample: 241108-wknfjswgmg
MD5: 8b54f943ef46e60db16c7be5d4d08585
SHA1: 9cf7edd42652f8ce9810d789a33eb744b2b3382d
SHA256: 3f6c7f04e8a82e6477c22ee81ed09af992129675d960526f2f7282581c5df3db
SHA512: b77d577550dfe113055d50d1fc7d23ae43d1dfaa04acf7f8f8bdcfbcfd17169022b6920160243c9cbd004f82341015f1acce67b9017b5529ec9f682793868c39
SSDEEP: 12288:BMrcy90b9/SMyipIQtQ9oEXPWfEXhX4ni2W6jFbn++QNgnak:NyQ9aC1WoEXPbXP2W6xY8
Static task: static1
Behavioral task: behavioral1
Sample: 3f6c7f04e8a82e6477c22ee81ed09af992129675d960526f2f7282581c5df3db.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
dars
83.97.73.127:19045
auth_value: 7cd208e6b6c927262304d5d4d88647fd
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application