General
-
Target
dd7bf15c0f31c77719f5c20dea788f11fd59f8dc61f5f2d4db0fba713244d132
-
Size
479KB
-
Sample
241109-zvne3s1nft
-
MD5
146c75acda449b7c4a36589ffef0cd25
-
SHA1
dfdec176539f3a8384473ad8dd4903ef7681666a
-
SHA256
dd7bf15c0f31c77719f5c20dea788f11fd59f8dc61f5f2d4db0fba713244d132
-
SHA512
76197497a5b2e30f0910c2a614e360cab2c245d52c99558973466b2ae759578f61edbd892cfd2848a31421fa951b3f11203140da12868da74ae1fbcd55fca717
-
SSDEEP
6144:KCy+bnr+cp0yN90QEfFf3jOlGL7TYF9jhVhC4yzP/aiFIuFOuHRVTvuvnlgOT+8V:uMr0y90xFfa0L/Yzjhn3UDIQTTWtyA
Static task
static1
Behavioral task
behavioral1
Sample
dd7bf15c0f31c77719f5c20dea788f11fd59f8dc61f5f2d4db0fba713244d132.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
dippo
217.196.96.102:4132
-
auth_value
79490ff628fd6af3b29170c3c163874b
Targets
-
-
Target
dd7bf15c0f31c77719f5c20dea788f11fd59f8dc61f5f2d4db0fba713244d132
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-