General
Target: f364508883bc6bda2d0229ca660c6a0e7800002cb788446f67cea61eaf65d626
Size: 771KB
Sample: 241109-fdnjzaxhla
MD5: 4c7b78498ee24b338eeaa207ab6f1928
SHA1: 60a5202bca4553fa72bf1cb508f4c7fc7a2dfb79
SHA256: f364508883bc6bda2d0229ca660c6a0e7800002cb788446f67cea61eaf65d626
SHA512: db19e4ec500acff5e9f228cf3d058df7c76743033cd470c00f2fbaea7c6649af683d0d5402caca37137a0eb938982204eeec70e062b46e48d0521f11281c6b2b
SSDEEP: 12288:gMrpy90asiBQTgKWMxX7XRJy+iT1Cyy3x7eKwvq/mQACWglVnTw2aGIvWdFF+:Zy6i0LXRssP/BAYvT1XLc
Static task: static1
Behavioral task: behavioral1
Sample: f364508883bc6bda2d0229ca660c6a0e7800002cb788446f67cea61eaf65d626.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
Family: redline
Botnet: misik
C2: 217.196.96.102:4132
auth_value: 9133827666bc8f4b05339316460b08aa
Targets
Target: f364508883bc6bda2d0229ca660c6a0e7800002cb788446f67cea61eaf65d626
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)