General
-
Target
747b9652359501d2aa346d2861e9cb9ea5305e685830434b3de4b3d860eaab8c
-
Size
479KB
-
Sample
241109-zdxmesvjhl
-
MD5
1c7b8ec4a4f311498e47eb720160bb46
-
SHA1
849dbbf6c9f4d7d2f90d609b1988ed660d23fd7d
-
SHA256
747b9652359501d2aa346d2861e9cb9ea5305e685830434b3de4b3d860eaab8c
-
SHA512
66bb4c9d6d2e8314f53e1996a89fb8f19ae98d474d6e4e03415ba813f2a849b3b4880630416416f6771f0f8aa73e07e67f5a84de75a7ff65088e516424eae48b
-
SSDEEP
12288:SMrey90qsKAogS90r+N8LBqMbL1VFULI1rqEwZLrfk:wytsKZg60rDBlF7Lrz+r8
Static task
static1
Behavioral task
behavioral1
Sample
747b9652359501d2aa346d2861e9cb9ea5305e685830434b3de4b3d860eaab8c.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
domor
217.196.96.101:4132
-
auth_value
39471bda00546bb0435bc7adfd6881dc
Targets
-
-
Target
747b9652359501d2aa346d2861e9cb9ea5305e685830434b3de4b3d860eaab8c
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-