General
Target
3bca0ff7de86237784fe73ccb19efd68
Size
245KB
Sample
241109-yevnsa1bnl
MD5
3bca0ff7de86237784fe73ccb19efd68
SHA1
b4802e645c79ff4a634cd2e0f4fcca68505a50e4
SHA256
946c1c27ded39010c0fbfbbc97c7b49f6b4cfd97fcaabedd03faf6ba8125cec5
SHA512
f5569c8675340bc12a72b676bfa82c10d5ce78d0e9c20b1a47fc7a48c9a32ab4c4159749ed9ca0dc4ab64d466032e705c294cc6ca4d2ae527b3810832f00f36f
SSDEEP
6144:5Vrfu8hHsQUHWUjcdapymMB3B5S6BQCFFOO3L+JEIhYK:ti2zdaYKCFFhDdK
Static task
static1
Behavioral task
behavioral1
Sample
3eac5bbdfde1725766ce68a53713f9977789dfc8f3890f5fd9ef9c622ea13a05.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3eac5bbdfde1725766ce68a53713f9977789dfc8f3890f5fd9ef9c622ea13a05.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ghost
104.37.174.31:27620
auth_value
1d44e9a3b9adc75d1064fce70c099dc7
Targets
Target
3eac5bbdfde1725766ce68a53713f9977789dfc8f3890f5fd9ef9c622ea13a05.exe
Size
303KB
MD5
ff210196de802f86a76c7cb3d4e3d740
SHA1
106aae4600eaa56937a1d94b8f90cc6b8d6b5f55
SHA256
3eac5bbdfde1725766ce68a53713f9977789dfc8f3890f5fd9ef9c622ea13a05
SHA512
0f52fe35266f07f8b8edcef77022d1a27dcb0855f3189cc5a6fff3d7fa8cc87eae3b91952c8e8dce880664c81a8f638a987ae73646b30d8bedefe58835005683
SSDEEP
6144:Au4LuhYvmLIJQAxdE26tjacB6RH7IzvfQzcGPFhtzFAkU:A366OMJQb26pa06RH76fuzd
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family