General
-
Target
99a5333dfc6a14b55afd756ea0032102162bd7339b07872018e6565278d867bf
-
Size
479KB
-
Sample
241109-mgcefasjat
-
MD5
d04dc6931c91c487da949ba487e7b421
-
SHA1
e19c47004bf6f0b2910227e5b328caef85447d27
-
SHA256
99a5333dfc6a14b55afd756ea0032102162bd7339b07872018e6565278d867bf
-
SHA512
bb0d9cf68845b458f98789665ed060306a2d5fcce8970f0627a1b379d3ae54a8bb5b3104bba978b4c6a801b289baf26ace45e43599de8a6cf294f67df8d584a3
-
SSDEEP
12288:TMr6y90Ndqa1uBQY6moc5rxKOFqT9WhfDFVNJHIA:1yiwakZP5KTIhfrN91
Static task
static1
Behavioral task
behavioral1
Sample
99a5333dfc6a14b55afd756ea0032102162bd7339b07872018e6565278d867bf.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
dease
217.196.96.101:4132
-
auth_value
82e4d5f9abc21848e0345118814a4e6c
Targets
-
-
Target
99a5333dfc6a14b55afd756ea0032102162bd7339b07872018e6565278d867bf
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-