General
-
Target
1f65d82c586d9c8c49c63e4b4efcff17c755783f2c892f4c490443cfa01574bcN
-
Size
1.5MB
-
Sample
241109-2dsdtatemd
-
MD5
ac22837a38adfc6119ce450871ead180
-
SHA1
c8c53433789cd6d5c1c139e0f6e334b450297dc2
-
SHA256
1f65d82c586d9c8c49c63e4b4efcff17c755783f2c892f4c490443cfa01574bc
-
SHA512
4d84f6ca1b151bbd85fcdfbc010962fc4aa23098bdc8ed015f52a8a86c44ef8487d99d78c39baf6e105658c2af66f38e51c1287af08277de7feeda83c34532f2
-
SSDEEP
24576:HyKeyzRgeDofKI69Ad8+rmciy5DhSBXdBseZu99PzmwxIBXgHf+uFHLdrLPB9lq6:SKNVEKI0+ZigDhSBZMiQ0Xw+Wdtq7asQ
Static task
static1
Behavioral task
behavioral1
Sample
1f65d82c586d9c8c49c63e4b4efcff17c755783f2c892f4c490443cfa01574bcN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
most
185.161.248.73:4164
-
auth_value
7da4dfa153f2919e617aa016f7c36008
Targets
-
-
Target
1f65d82c586d9c8c49c63e4b4efcff17c755783f2c892f4c490443cfa01574bcN
-
Size
1.5MB
-
MD5
ac22837a38adfc6119ce450871ead180
-
SHA1
c8c53433789cd6d5c1c139e0f6e334b450297dc2
-
SHA256
1f65d82c586d9c8c49c63e4b4efcff17c755783f2c892f4c490443cfa01574bc
-
SHA512
4d84f6ca1b151bbd85fcdfbc010962fc4aa23098bdc8ed015f52a8a86c44ef8487d99d78c39baf6e105658c2af66f38e51c1287af08277de7feeda83c34532f2
-
SSDEEP
24576:HyKeyzRgeDofKI69Ad8+rmciy5DhSBXdBseZu99PzmwxIBXgHf+uFHLdrLPB9lq6:SKNVEKI0+ZigDhSBZMiQ0Xw+Wdtq7asQ
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-