General
Target: 51ac97760aa7a447d5f6db6cfd2bef9bde55e1ca8d5fa7df6347adbf85d4a08e
Size: 480KB
Sample: 241110-11xflswekp
MD5: 300f5b61bb47be630a24da0e37e59150
SHA1: 29fca7c84c913649e47b093951df086da9e95956
SHA256: 51ac97760aa7a447d5f6db6cfd2bef9bde55e1ca8d5fa7df6347adbf85d4a08e
SHA512: 35ae6919814a8a530fc083572d0c6f67ae81382b39ccab9abc9eb62e6c9756fa5b09ccf74290e99c01c48ca64885021f8c4a37fad4dd2dd79dd62f08bc7fe803
SSDEEP: 12288:VMriy90f+/KTWHwB8ok3jv6KoDY1YgG9pLOU7s/:nysGTN3z6KoDY1YggOSU
Static task
static1
Behavioral task
behavioral1
Sample
51ac97760aa7a447d5f6db6cfd2bef9bde55e1ca8d5fa7df6347adbf85d4a08e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
auth_value: 3491f24ae0250969cd45ce4b3fe77549
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application