General
Target: 6f8e1083763c29331a8a89b0e87ce5d3a65082d04b8e17a133f69915e7ec72c7
Size: 556KB
Sample: 241109-m4felssldz
MD5: 86751ccf3450705deb2751f8b9cad5aa
SHA1: cac15580afeddba436d64506885a1dad9728af01
SHA256: 6f8e1083763c29331a8a89b0e87ce5d3a65082d04b8e17a133f69915e7ec72c7
SHA512: 13f12b8e3ad39bb817cacf61b7fdb0a7b579bb0274ae080f23e81924529592024e2e247d7813e4619009b7b9d851d9fb7ea2a3acdb072b4169b70a10533615bc
SSDEEP: 12288:tMrEy905ZclIc1mKHtgUQjGbyIfv1wLxJkNa2shB4eSIS:Zy0YP1btsIfv1mk7shB4eA
Static task: static1
Behavioral task: behavioral1
Sample: 6f8e1083763c29331a8a89b0e87ce5d3a65082d04b8e17a133f69915e7ec72c7.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
darm
217.196.96.56:4138
auth_value: d88ac8ccc04ab9979b04b46313db1648
Targets
Target: 6f8e1083763c29331a8a89b0e87ce5d3a65082d04b8e17a133f69915e7ec72c7
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application