General
-
Target
dbc3fcb4ced5239d544b92154d6e2a2a602efdce79e38ac17e97af1d78105f04
-
Size
480KB
-
Sample
241110-brt7fsweqp
-
MD5
13ee56593cc3c024c729c7568fbde0e1
-
SHA1
3107b853c16e850abc1205e24bdf37f83cd3a613
-
SHA256
dbc3fcb4ced5239d544b92154d6e2a2a602efdce79e38ac17e97af1d78105f04
-
SHA512
f03614da36d8321230f7a0ec30fca517845b24d5dbc007ed3f99dc680b10ba1ca197760c578b66061fbdab29199875599de26cf4ccb8d813559a7f473a5d08a3
-
SSDEEP
12288:GMruy90zKTHgphPxmmyZLQU22moUSU5lSrRP:MyWKammyZLQU22DUSU5lSrRP
Static task
static1
Behavioral task
behavioral1
Sample
dbc3fcb4ced5239d544b92154d6e2a2a602efdce79e38ac17e97af1d78105f04.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
dbc3fcb4ced5239d544b92154d6e2a2a602efdce79e38ac17e97af1d78105f04
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-