General
Target: 17a5734a70d122f212f6c30cf6d1b0a0f7bf250b56a0228e719acd91dcf27549
Size: 731KB
Sample: 241110-zqdp3syjbp
MD5: c086b02da96c711cbabfe821bffa640d
SHA1: ef2cef7954f06fe74909478c2306d696dc40b801
SHA256: 17a5734a70d122f212f6c30cf6d1b0a0f7bf250b56a0228e719acd91dcf27549
SHA512: 56626fa1ea7965742b61dca9ef9b5e6d8bea03d4fa98619efb04abb686cb04f49b59a6cf4dfc4899a73a3fe52d2a0526cde459ffd6a2700ef888a37c2386e925
SSDEEP: 12288:hMrky90psL61Xo1QgDNn0V0YG1ugrtQ9oQrmliE06ffdx2tSZk9/Fh8R6+mK4b0q:NyyyRGrynJWoQr4iEFPTI40n06
Static task: static1
Behavioral task: behavioral1
Sample: 17a5734a70d122f212f6c30cf6d1b0a0f7bf250b56a0228e719acd91dcf27549.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
dars
83.97.73.127:19045
auth_value: 7cd208e6b6c927262304d5d4d88647fd
Targets
Target: 17a5734a70d122f212f6c30cf6d1b0a0f7bf250b56a0228e719acd91dcf27549
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application