General
-
Target
5b52f9fd7c818323d45f1ba999d3111d293493ee59681c84bf14ff7ba5c4828f
-
Size
479KB
-
Sample
241109-znqa4ascje
-
MD5
91c76f2a9e7285184b7d55de212dcff4
-
SHA1
bddf326aa81e94b0c793efdbf2d0f6e913ea77e8
-
SHA256
5b52f9fd7c818323d45f1ba999d3111d293493ee59681c84bf14ff7ba5c4828f
-
SHA512
b2954f54310cacb95fde8291bd8cf46bd12a38731e5eb88d4f5b4f897e604a687af3459756504f348d8063a046e45820e44e2f058f0f744897a4c18a02d9e56e
-
SSDEEP
12288:CMruy90xlD9WFGRq3901pXGmATE/Z9buS8gzbyqL5o2:4ymXWFRmpWxTEKSv+Ky2
Static task
static1
Behavioral task
behavioral1
Sample
5b52f9fd7c818323d45f1ba999d3111d293493ee59681c84bf14ff7ba5c4828f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ditro
217.196.96.101:4132
-
auth_value
8f24ed370a9b24aa28d3d634ea57912e
Targets
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-