General
-
Target
3633d187c10c7f69511f5f4663814749fe3f3996297de176bf5762a25cb3d647.exe
-
Size
480KB
-
Sample
241110-zrcjeavgmh
-
MD5
08b238c23f6b4888ec66171a5ab016a5
-
SHA1
0e15d152a47849560f081c8d60719c6f996b043d
-
SHA256
3633d187c10c7f69511f5f4663814749fe3f3996297de176bf5762a25cb3d647
-
SHA512
a823c25cf08ace58a36024518af9980c99f419950000dba0d5b3b00234aaa50f0b56542a68d7650d38ee17059253da38290d0c65f301ba2f6841988a7baca3a5
-
SSDEEP
12288:IMrgy90LbjdfPHWLozrH6pB6/QmxteN2+nr0oyQAKXZ:Yy+j9HWczrHAmQWW2+nuQtZ
Static task
static1
Behavioral task
behavioral1
Sample
3633d187c10c7f69511f5f4663814749fe3f3996297de176bf5762a25cb3d647.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
Target
3633d187c10c7f69511f5f4663814749fe3f3996297de176bf5762a25cb3d647.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-