General
-
Target
11ce308e3f8add99615b6894b35d19fdf38068074f758d3373e8ccd93ddb406c
-
Size
480KB
-
Sample
241110-zyyefsykep
-
MD5
efa950a9ae0a8a6c01d2345ba4581c9c
-
SHA1
4f69124949bc8e522d86499d91300684d552e496
-
SHA256
11ce308e3f8add99615b6894b35d19fdf38068074f758d3373e8ccd93ddb406c
-
SHA512
ecd5140c9d80e1fbd330a77a1704777a4eb9486cd59ebd6ddce238f3e7319c9ec6c2602055b985c5968286231413a16800bc617cfaafc57fee9dff9056dc565c
-
SSDEEP
12288:3Mr6y904N4yXWHKJ/A7NCPCCwT8/2e4yay:5ybNfmHK6NCaCwTm34Vy
Static task
static1
Behavioral task
behavioral1
Sample
11ce308e3f8add99615b6894b35d19fdf38068074f758d3373e8ccd93ddb406c.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
11ce308e3f8add99615b6894b35d19fdf38068074f758d3373e8ccd93ddb406c
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-