General
-
Target
f9390d54be028fe7f19899d0c816d1298704003647d5977442877215bf9c59f3
-
Size
479KB
-
Sample
241109-zd1n3ssajr
-
MD5
19c1f800c25bf9bd9a92469482a4549c
-
SHA1
d5bc7ae493dda8372e1203cd448adf37367e804b
-
SHA256
f9390d54be028fe7f19899d0c816d1298704003647d5977442877215bf9c59f3
-
SHA512
d211afbbbad50e4e10f2e2865749322548da364daf938334a9040ba97921d07a179874f38a7dfd8faa949d7fc60cfe12ab5a30738ddc4f55ec16badae3cce5cb
-
SSDEEP
12288:lMrry90wbXUtPjZUN0qE8kF91rqHgwzISk0hi:ayOZKPfkFzogwzIgc
Static task
static1
Behavioral task
behavioral1
Sample
f9390d54be028fe7f19899d0c816d1298704003647d5977442877215bf9c59f3.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
diwer
217.196.96.101:4132
-
auth_value
42abfa9e4f2e290c8bdbc776fd9bb6ad
Targets
-
-
Target
f9390d54be028fe7f19899d0c816d1298704003647d5977442877215bf9c59f3
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-