General
-
Target
e88a3a91bbb07bb7ad81e066fca86e02d0124efb934cc5bff72efe385b121500
-
Size
480KB
-
Sample
241110-ya5ceswqfq
-
MD5
db4cbe12ddfc899a01a5c9d3f1206e51
-
SHA1
0f5d6956d1912f0297b80518ce01a6d49fba8b34
-
SHA256
e88a3a91bbb07bb7ad81e066fca86e02d0124efb934cc5bff72efe385b121500
-
SHA512
9fcff2127a533d360d1fb38d79d01316fede74826a8a6f60fb4bdd5d5df7114fbb3fd2f2b59fb643a7dc7f527d2031e47ee523c04a6cfeb122b33c0a4160d9fe
-
SSDEEP
12288:iMrOy90aGNCbrNSZBKwiiWPIbDqjJ3MUZB:oybf4ZKi0Ib+99ZB
Static task
static1
Behavioral task
behavioral1
Sample
e88a3a91bbb07bb7ad81e066fca86e02d0124efb934cc5bff72efe385b121500.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-