General
-
Target
edba8edd7df10f34a3e443c175baff5b518a6d740c965bd24ea4f6670a424748
-
Size
479KB
-
Sample
241110-w5wbwsscrl
-
MD5
dbc61fbcd99957a453ea6e93b43fab13
-
SHA1
f8f8e31fe8980f8a84b1ab324a6d85c6225e7e92
-
SHA256
edba8edd7df10f34a3e443c175baff5b518a6d740c965bd24ea4f6670a424748
-
SHA512
0ad6c4180aaec8e51a76ee6af02bcdf9e2c3c9240759be2d3cadde6285f89de3e21ef41feb9a6cf2025e3892042a2a4fe3950fab91b943799352c78f04f4bf17
-
SSDEEP
12288:rMrwy90P+jSvsMTHTIPoynXWwvCauaHcWzx+TeX/:3yU+jSvp0PoyX3vZualMTo/
Static task
static1
Behavioral task
behavioral1
Sample
edba8edd7df10f34a3e443c175baff5b518a6d740c965bd24ea4f6670a424748.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
edba8edd7df10f34a3e443c175baff5b518a6d740c965bd24ea4f6670a424748
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-