General
-
Target
bcf16704ce7e8ca95c6b690e58062ff1e9e54134655b81a105a1c3ba62ad05e0
-
Size
479KB
-
Sample
241109-znawea1mcx
-
MD5
48d45f33b0470d9deaa617b3f1c58f43
-
SHA1
1f09b8721ed61f11f40eb041569461ff80b45543
-
SHA256
bcf16704ce7e8ca95c6b690e58062ff1e9e54134655b81a105a1c3ba62ad05e0
-
SHA512
e7ee5610759cd99fc5e74f744c6c98fb77178d5027ad489eb8cff4fd500e8e8473f7ef08704bf7aeefb43cb6ae5b08ef4f347e7ddc80b667fa7f5412e1cfcb5d
-
SSDEEP
12288:BMrky9028BYxvUpEnSpLEb2dVVVMFD7Vn7:tyyYx8iSpLEy9V2p
Static task
static1
Behavioral task
behavioral1
Sample
bcf16704ce7e8ca95c6b690e58062ff1e9e54134655b81a105a1c3ba62ad05e0.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
dona
217.196.96.101:4132
-
auth_value
9fbb198992bbc83a84ab1f21384813e3
Targets
Target
bcf16704ce7e8ca95c6b690e58062ff1e9e54134655b81a105a1c3ba62ad05e0
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-