General
- Target: 5bf9c8353cd8f92bf0629daf77d246b3ab3d20f16e54eab3f003bf5ffc0f0971
- Size: 752KB
- Sample: 241109-evtxmsxemr
- MD5: 3173ad0cf8f92fc0953466c89d9bbf42
- SHA1: 705c73b4ed0a5caafe0f6ee37ebbceb9bec73aa4
- SHA256: 5bf9c8353cd8f92bf0629daf77d246b3ab3d20f16e54eab3f003bf5ffc0f0971
- SHA512: ee6e800e6f795ebcbac3bdfd2cc9a056e6e2475018ab4ce945f23eb8ae2e5be99ecb9a2ff2ef87fad998e7243c494964092c17c3b462a8f28cfc2b6a9056a4b6
- SSDEEP: 12288:VMrly90wZDux2x7hTlzs5iCSTYhAhNCPTRul7ISOkfcuqRoIDfPEgz5rXMXmqU0x:MyDueTlzs58N2TRuVMxRRDf8cMXF9
Static task: static1
Behavioral task: behavioral1
- Sample: 5bf9c8353cd8f92bf0629daf77d246b3ab3d20f16e54eab3f003bf5ffc0f0971.exe
- Resource: win10v2004-20241007-en
Malware Config
Extracted
- Family: redline
- Botnet: dars
- C2: 83.97.73.127:19045
- auth_value: 7cd208e6b6c927262304d5d4d88647fd
Targets
- Target: 5bf9c8353cd8f92bf0629daf77d246b3ab3d20f16e54eab3f003bf5ffc0f0971
- Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application