General
-
Target
ee2117d864527c90f3fcdd72ee59bc6c3691ee425ea85a265706a43c5ba74b45
-
Size
479KB
-
Sample
241109-155b1stdkd
-
MD5
a5c9756351755d1c54824ef7e3622faf
-
SHA1
15a8e3ca0c967cfa8492786341255812dfbb78e3
-
SHA256
ee2117d864527c90f3fcdd72ee59bc6c3691ee425ea85a265706a43c5ba74b45
-
SHA512
874b68458da5f4c1636e45aa85a0cc1d2b680a3c53ccb4374342b14209206e2087174c8ad0ce1e2d8ca5eb94f0c600d5f5906642e3ce684fb795b8749d740f01
-
SSDEEP
12288:eMrKy90c2oWTrwXHtb/T/ToGHmHt9D0d:IyJWKNb/T7oeIt9D0d
Static task
static1
Behavioral task
behavioral1
Sample
ee2117d864527c90f3fcdd72ee59bc6c3691ee425ea85a265706a43c5ba74b45.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
dona
217.196.96.101:4132
-
auth_value
9fbb198992bbc83a84ab1f21384813e3
Targets
-
-
Target
ee2117d864527c90f3fcdd72ee59bc6c3691ee425ea85a265706a43c5ba74b45
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-