General
Target
e9cc8a9d182675df9ef1a9ce468dd4d062f9a07beae6559d64667af0f864470f
Size
587KB
Sample
241110-bffvpaypcj
MD5
251763171adad5d74a0809731503d4a4
SHA1
8fa8156a27fdaf622cfc9d8edc7bbc7691a4f38d
SHA256
e9cc8a9d182675df9ef1a9ce468dd4d062f9a07beae6559d64667af0f864470f
SHA512
19a8cf3d2d801f30060babeb53da84b609011e8c1e35dd68c6966638a9d83037a733eeaa2111ada6ea35d895ef26a50546376ce621daf57fb24790e8c434b350
SSDEEP
12288:rMrvy90E+DbWHcqccvMzcsRM+ojKa6ZVIi0K:My26Hcq/vMAh+oea6ZVIi0K
Static task
static1
Behavioral task
behavioral1
Sample
e9cc8a9d182675df9ef1a9ce468dd4d062f9a07beae6559d64667af0f864470f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
Target
e9cc8a9d182675df9ef1a9ce468dd4d062f9a07beae6559d64667af0f864470f
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application