General
Target: 4ff4b70620bd2551140295c2318d1f9203e10a091ed3c89c3fac8a0064879452
Size: 479KB
Sample: 241110-xxdybawnem
MD5: 6c9d28bcc4f068e4fc540b57d5ead84d
SHA1: 057ba8c2812d04e556b7c616b7ebbee58473b4fb
SHA256: 4ff4b70620bd2551140295c2318d1f9203e10a091ed3c89c3fac8a0064879452
SHA512: 1f57c7033d95d2ff410f486388384caf16795bfd9bc7113096a923ae7cd06a49a6ca45121cb463d83efa2eef307db1cb941f3ec54ff8bcb3afcaa1c3d541b6b9
SSDEEP: 12288:7MrIy90ACHaPwSGG3U1ekPR6qvJchMcC9D:ryoEyNPIqvMCB
Static task: static1
Behavioral task: behavioral1
Sample: 4ff4b70620bd2551140295c2318d1f9203e10a091ed3c89c3fac8a0064879452.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
auth_value: 3491f24ae0250969cd45ce4b3fe77549
Targets
Target: 4ff4b70620bd2551140295c2318d1f9203e10a091ed3c89c3fac8a0064879452
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application