General
-
Target
a356d508dd945f4e7e857b29d527244794bcce59b1a2e4b57312d1695a7dae49
-
Size
1.4MB
-
Sample
241109-y6pxls1gpd
-
MD5
fba6d78fc9d1581669d47ef7c0ca7019
-
SHA1
975749e29f8f3a664ff935899e869426146ef63c
-
SHA256
a356d508dd945f4e7e857b29d527244794bcce59b1a2e4b57312d1695a7dae49
-
SHA512
476f8d3c758578b3d5096408850dcaac1aa88013115de0619873bf79adcdcce304ce76d56cf58e57a094507b4c7f5f9ec71dcda13534d3999c3daaf4e97a4214
-
SSDEEP
24576:xyOKTshBYyckkKhlZDVecr8AhfHq/81XkVvCp17TFQAQwxod:kOKw/BDDYcZfHM81XkV6pzQp
Static task
static1
Behavioral task
behavioral1
Sample
a356d508dd945f4e7e857b29d527244794bcce59b1a2e4b57312d1695a7dae49.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
most
185.161.248.73:4164
-
auth_value
7da4dfa153f2919e617aa016f7c36008
Targets
-
-
Target
a356d508dd945f4e7e857b29d527244794bcce59b1a2e4b57312d1695a7dae49
-
Size
1.4MB
-
MD5
fba6d78fc9d1581669d47ef7c0ca7019
-
SHA1
975749e29f8f3a664ff935899e869426146ef63c
-
SHA256
a356d508dd945f4e7e857b29d527244794bcce59b1a2e4b57312d1695a7dae49
-
SHA512
476f8d3c758578b3d5096408850dcaac1aa88013115de0619873bf79adcdcce304ce76d56cf58e57a094507b4c7f5f9ec71dcda13534d3999c3daaf4e97a4214
-
SSDEEP
24576:xyOKTshBYyckkKhlZDVecr8AhfHq/81XkVvCp17TFQAQwxod:kOKw/BDDYcZfHM81XkV6pzQp
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-