General
-
Target
4de1b6e4d353f8577d54f88141e1b432436ef7f2dea66af0929d71c4c583802e
-
Size
641KB
-
Sample
241109-ynec6atnbk
-
MD5
53bbd67c90ff25f8d3abd3c382c0b112
-
SHA1
0116e538e1cce6ee406a3d48443a2df54d9676e4
-
SHA256
4de1b6e4d353f8577d54f88141e1b432436ef7f2dea66af0929d71c4c583802e
-
SHA512
fe5ed5344d014f6b1b92054deb9ee2c0118ff707a42a8a85cee08d3634237944bdd80472914af841469cbdf9ed282a1fdbc3bc1b9f00c2d8b3a3ea5ba40585ef
-
SSDEEP
12288:oMrDy90KSgMlYZL0OrN5C5AUs8S1VYfPg1Kw83Af:7yJ0OK5AztVYf41YQ
Static task
static1
Behavioral task
behavioral1
Sample
4de1b6e4d353f8577d54f88141e1b432436ef7f2dea66af0929d71c4c583802e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
darm
217.196.96.56:4138
-
auth_value
d88ac8ccc04ab9979b04b46313db1648
Targets
-
-
Target
4de1b6e4d353f8577d54f88141e1b432436ef7f2dea66af0929d71c4c583802e
-
Size
641KB
-
MD5
53bbd67c90ff25f8d3abd3c382c0b112
-
SHA1
0116e538e1cce6ee406a3d48443a2df54d9676e4
-
SHA256
4de1b6e4d353f8577d54f88141e1b432436ef7f2dea66af0929d71c4c583802e
-
SHA512
fe5ed5344d014f6b1b92054deb9ee2c0118ff707a42a8a85cee08d3634237944bdd80472914af841469cbdf9ed282a1fdbc3bc1b9f00c2d8b3a3ea5ba40585ef
-
SSDEEP
12288:oMrDy90KSgMlYZL0OrN5C5AUs8S1VYfPg1Kw83Af:7yJ0OK5AztVYf41YQ
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-