General
-
Target
d493079ff6a8f3e2c09b1920adf79e793ccf165f54d282ecafdfc3ecd73f544b
-
Size
1.5MB
-
Sample
241109-m1bl9aslas
-
MD5
134580d33045b436da01c82557a78c56
-
SHA1
e4d27ceb165e8135ec40f68f9724e42c16ae1673
-
SHA256
d493079ff6a8f3e2c09b1920adf79e793ccf165f54d282ecafdfc3ecd73f544b
-
SHA512
facfc3fb373fa84fb7c546982420f2eb408066e72feac335e47e02c68e2395dda92c081b998d4e82580ef71fcea0045cf874e0ce5e789bd845deaacb1416f6b8
-
SSDEEP
24576:VyjH9dtVoYhRSqwoaoLyz2Ukh3mrYrEm9wzGcJcbNJ4IB6Ye5UNbvhqSfdyEf6hm:wjH9dQoz8HkRGk9wJCo6QshfdP6gW
Static task
static1
Behavioral task
behavioral1
Sample
d493079ff6a8f3e2c09b1920adf79e793ccf165f54d282ecafdfc3ecd73f544b.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
most
185.161.248.73:4164
-
auth_value
7da4dfa153f2919e617aa016f7c36008
Targets
-
-
Target
d493079ff6a8f3e2c09b1920adf79e793ccf165f54d282ecafdfc3ecd73f544b
-
Size
1.5MB
-
MD5
134580d33045b436da01c82557a78c56
-
SHA1
e4d27ceb165e8135ec40f68f9724e42c16ae1673
-
SHA256
d493079ff6a8f3e2c09b1920adf79e793ccf165f54d282ecafdfc3ecd73f544b
-
SHA512
facfc3fb373fa84fb7c546982420f2eb408066e72feac335e47e02c68e2395dda92c081b998d4e82580ef71fcea0045cf874e0ce5e789bd845deaacb1416f6b8
-
SSDEEP
24576:VyjH9dtVoYhRSqwoaoLyz2Ukh3mrYrEm9wzGcJcbNJ4IB6Ye5UNbvhqSfdyEf6hm:wjH9dQoz8HkRGk9wJCo6QshfdP6gW
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-