General
-
Target
59db45b2ff61da49edaefdb0a80f7b79d06b8f38c5bfa84798106fc619579252
-
Size
603KB
-
Sample
241110-xahyrasdnr
-
MD5
bb826f2ea965655f3932c1048045cc42
-
SHA1
45346dba76628f828919f62cbcddfc8bdeb4d92f
-
SHA256
59db45b2ff61da49edaefdb0a80f7b79d06b8f38c5bfa84798106fc619579252
-
SHA512
49326a9e8ffa9a3ad18cc3bfca17f6f8913346869b301eab1e2964bed868e4d5e647128fcb5dfb9607a300df7e6457aaafe81f14c555d7bf951ff0331fab8182
-
SSDEEP
12288:2Mr8y90UNUybSawGoTwYskqxEwBEgMLu5uJFbEruK69BEEta1LSc0rn1:Gy9UyWawGoEBnLBEfLuQo6zBBxbh
Static task
static1
Behavioral task
behavioral1
Sample
59db45b2ff61da49edaefdb0a80f7b79d06b8f38c5bfa84798106fc619579252.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
59db45b2ff61da49edaefdb0a80f7b79d06b8f38c5bfa84798106fc619579252
-
Size
603KB
-
MD5
bb826f2ea965655f3932c1048045cc42
-
SHA1
45346dba76628f828919f62cbcddfc8bdeb4d92f
-
SHA256
59db45b2ff61da49edaefdb0a80f7b79d06b8f38c5bfa84798106fc619579252
-
SHA512
49326a9e8ffa9a3ad18cc3bfca17f6f8913346869b301eab1e2964bed868e4d5e647128fcb5dfb9607a300df7e6457aaafe81f14c555d7bf951ff0331fab8182
-
SSDEEP
12288:2Mr8y90UNUybSawGoTwYskqxEwBEgMLu5uJFbEruK69BEEta1LSc0rn1:Gy9UyWawGoEBnLBEfLuQo6zBBxbh
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-