General
Target: c4720377b41550baf6a7cccda63fc397
Size: 261KB
Sample: 241109-mkzzxavrfr
MD5: c4720377b41550baf6a7cccda63fc397
SHA1: 7874fb571ba96a6eb6e439b6fe199abafdb762a2
SHA256: 62fec95155481258f5f293a77e8bb198b2df7ec8cbbdeb93b1e7f7f380fd7578
SHA512: be69969ed0f8a55d74a9d18e1500bc4bb7bacf558bac8b32667bf3dde1bcc4e7db80d8a4492809672dc4aaa482c76eeb0c9035ab30459f32eef3a28d91adedaf
SSDEEP: 6144:4zQdZL5OLb3vEx8BrxaRxrEClJXhy+FFzxz32drX9rtg8u1:4Chsjdyx1XhFFf2dRpgp1
Static task: static1
Behavioral task: behavioral1
Sample: ferrari2.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: ferrari2.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
noname
185.215.113.29:34865
auth_value: 9070981b949039479ba8eae270c35aa0
Targets
Target: ferrari2.exe
Size: 408KB
MD5: 37245961c3b48c8371d53573668f1e7c
SHA1: 55db7ac97ab07a33b13c7a449409478afaf97727
SHA256: c36f77f64cebf8ac8520c9fb71d687a9fb7873f14ba2c0c59697cdb8de3835cc
SHA512: 5ef47926e6765278a17c3d2823dc87dddf4ee8d0beae5adca70c48cc55d8b54f7da9fd7d21bedaad735ad87a7f98fb6c590fae7f3f7b19a4319a4f5a0269a2fa
SSDEEP: 6144:1rdvAqwMwkhEWh5d1POteeXUiQSLCoSo4oMt0aGtYw/CEslXnm4/4:1Bvh0WvgXUOLmFosiYw/fJ
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family