General
-
Target
9cc007f8bd802a9a66f523279781657f5933e2f1bfe79687eaa89ff31617a372
-
Size
479KB
-
Sample
241110-brwqaayrbj
-
MD5
6389e11dc4e94b240b147d05f68c0cd0
-
SHA1
f62d845c4e6c837ca75c6c9cac70f1412c739566
-
SHA256
9cc007f8bd802a9a66f523279781657f5933e2f1bfe79687eaa89ff31617a372
-
SHA512
a1236529e523bbc75ba8bb25234ece88b4907dd59db0a265c7e281402cc52f8489ecf8c1907911abec1912b6b90689dc723a0b26a4143caf8e200fe4cc11ed9c
-
SSDEEP
12288:NMrEy90T5SNYKv4wbroGt4vWXzoa9qjTf7G+n65ppGSnJB:VyBFHoTvqzH9qjxCpG0JB
Static task
static1
Behavioral task
behavioral1
Sample
9cc007f8bd802a9a66f523279781657f5933e2f1bfe79687eaa89ff31617a372.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
diwer
217.196.96.101:4132
-
auth_value
42abfa9e4f2e290c8bdbc776fd9bb6ad
Targets
-
-
Target
9cc007f8bd802a9a66f523279781657f5933e2f1bfe79687eaa89ff31617a372
-
Size
479KB
-
MD5
6389e11dc4e94b240b147d05f68c0cd0
-
SHA1
f62d845c4e6c837ca75c6c9cac70f1412c739566
-
SHA256
9cc007f8bd802a9a66f523279781657f5933e2f1bfe79687eaa89ff31617a372
-
SHA512
a1236529e523bbc75ba8bb25234ece88b4907dd59db0a265c7e281402cc52f8489ecf8c1907911abec1912b6b90689dc723a0b26a4143caf8e200fe4cc11ed9c
-
SSDEEP
12288:NMrEy90T5SNYKv4wbroGt4vWXzoa9qjTf7G+n65ppGSnJB:VyBFHoTvqzH9qjxCpG0JB
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-