General
-
Target
17c5e841e61fb3144d50a1716b0f0caa6f315ca485c5226b03d6d67c768a5e17
-
Size
480KB
-
Sample
241110-yskezatfmn
-
MD5
d89213875aa8d0ffdca4d6590997d900
-
SHA1
b328b547981b61a0101626b1948878c830154a56
-
SHA256
17c5e841e61fb3144d50a1716b0f0caa6f315ca485c5226b03d6d67c768a5e17
-
SHA512
79493e8e25b430997cf812019d5a767a279c651d65f31e810205b27ccf579c801b52d069b9be8e4f6646f768b1a85206352b9e7043e4482e98c8ed8ea8209af3
-
SSDEEP
12288:1MrKy90zAywxv1jdBuxqCv0uXnoPGktJ:/yRBJBCqO0uGGA
Static task
static1
Behavioral task
behavioral1
Sample
17c5e841e61fb3144d50a1716b0f0caa6f315ca485c5226b03d6d67c768a5e17.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
17c5e841e61fb3144d50a1716b0f0caa6f315ca485c5226b03d6d67c768a5e17
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-