General
-
Target
22d17154f0d055f098ff7c39aed98d01c3e7b0e587923f125e0c2e10fe0e6d2d
-
Size
480KB
-
Sample
241110-3z1gzsybkc
-
MD5
7542c09fa0bce200dd526598b2500b82
-
SHA1
92a0239d1831a70700e3c08ba851d00dd9495a74
-
SHA256
22d17154f0d055f098ff7c39aed98d01c3e7b0e587923f125e0c2e10fe0e6d2d
-
SHA512
f8293194d10df2d8c1f70bec10fb90a07bfdea0a1f7bf6c99e502aa4fafbf8fe35f3cd57e978252683e191368d528bcb10b2f9a289b215bbaf578d66e92725fd
-
SSDEEP
12288:GMrQy90iCzpf5QDyOCvGaq9zcfMIDzcUYSgG3tPv:Sy/KHGz9zsDio
Static task
static1
Behavioral task
behavioral1
Sample
22d17154f0d055f098ff7c39aed98d01c3e7b0e587923f125e0c2e10fe0e6d2d.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
22d17154f0d055f098ff7c39aed98d01c3e7b0e587923f125e0c2e10fe0e6d2d
-
Size
480KB
-
MD5
7542c09fa0bce200dd526598b2500b82
-
SHA1
92a0239d1831a70700e3c08ba851d00dd9495a74
-
SHA256
22d17154f0d055f098ff7c39aed98d01c3e7b0e587923f125e0c2e10fe0e6d2d
-
SHA512
f8293194d10df2d8c1f70bec10fb90a07bfdea0a1f7bf6c99e502aa4fafbf8fe35f3cd57e978252683e191368d528bcb10b2f9a289b215bbaf578d66e92725fd
-
SSDEEP
12288:GMrQy90iCzpf5QDyOCvGaq9zcfMIDzcUYSgG3tPv:Sy/KHGz9zsDio
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-