General
Target: 06fab2f31b43b69689af57d0b84472062d127c7e96140deb49b842c3c3d27525
Size: 480KB
Sample: 241110-ym4awsxjgr
MD5: 2b3b33d120d901a322d81a271ae0fc4f
SHA1: b034436c440256fbbbc9ec3792c54e8111b3c6da
SHA256: 06fab2f31b43b69689af57d0b84472062d127c7e96140deb49b842c3c3d27525
SHA512: 7d19632ac4c66f53c70963dbb119ce8e5d8e3d22cfe0714f622d9151ac799b70cf2987dcf95d0945e97a31ea9b4dffa8cf541924ed406fc9c2fb0441810787a5
SSDEEP: 12288:IMrgy90LbjdfPHWLozrH6pB6/QmxteN2+nr0oyQAKX:Yy+j9HWczrHAmQWW2+nuQt
Static task: static1
Behavioral task: behavioral1
Sample: 06fab2f31b43b69689af57d0b84472062d127c7e96140deb49b842c3c3d27525.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
auth_value: 3491f24ae0250969cd45ce4b3fe77549
Targets
Target
06fab2f31b43b69689af57d0b84472062d127c7e96140deb49b842c3c3d27525
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application