General
Target: e6bb37fe1405c1956e4a7c20f2b1579f879cf6c7b009b1e748210278ff9bf670
Size: 479KB
Sample: 241109-2chszstenq
MD5: ffa0d69eb2c5d8d47ee68928bc2dc889
SHA1: 18bdc9422307290a953ca83806d0a4d69098f354
SHA256: e6bb37fe1405c1956e4a7c20f2b1579f879cf6c7b009b1e748210278ff9bf670
SHA512: 63b25c95e4a7d6e23fe2dc0e49ebfa24228099cc3907198ec2b0c82fc3bd5d16bc59ee7ee69bfd2e1a3783889bd85105a947a9634090fcb47152882d00fbc25c
SSDEEP: 12288:fMrgy90PRYNz4ft99ponHwm9Fj48UPnmYaVBD:PyMRYJ4fH9poH9naSBD
Static task: static1
Behavioral task: behavioral1
Sample: e6bb37fe1405c1956e4a7c20f2b1579f879cf6c7b009b1e748210278ff9bf670.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
dease
217.196.96.101:4132
auth_value: 82e4d5f9abc21848e0345118814a4e6c
Targets
Target: e6bb37fe1405c1956e4a7c20f2b1579f879cf6c7b009b1e748210278ff9bf670
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application