General
- Target: 29657fee94ce91b10dfd3b24186f9ea51172dc32b1a687f344a984a108257a48
- Size: 643KB
- Sample: 241110-bkdk5avqes
- MD5: 94a406360fd8a4c7e86c2339205855ba
- SHA1: cd9b546e8b177e0c98d794ac561ed0c01caf312b
- SHA256: 29657fee94ce91b10dfd3b24186f9ea51172dc32b1a687f344a984a108257a48
- SHA512: ed68a2c60917cb49c2400e409bf1666ddf866631c6c3c184a34d65a25452191add579dd5b12b3f2397f1164473480ccfe95f6bdccb05701427cde98c68f62e49
- SSDEEP: 12288:lMrqy90l8/cFfrs1uWLdcRphuavCKHXVr7r4ukpxhNi+:jytsox+PvCKHXVr7fkpxzn
Static task: static1
Behavioral task: behavioral1
- Sample: 29657fee94ce91b10dfd3b24186f9ea51172dc32b1a687f344a984a108257a48.exe
- Resource: win10v2004-20241007-en
Malware Config
Extracted
- redline
- darm
- 217.196.96.56:4138
- auth_value: d88ac8ccc04ab9979b04b46313db1648
Targets
- Target: 29657fee94ce91b10dfd3b24186f9ea51172dc32b1a687f344a984a108257a48 (same file as listed under General)
Score: 10/10
Signatures:
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application