General
Target: afd3177ea74d77bc9e1e79ce3529cdeca6ba66f1b8dec66a97c244553227d112
Size: 567KB
Sample: 241111-a2df1sydjm
MD5: a219e8927dd27399aa65963e192bef81
SHA1: c7b344cc04425c2424197b36e1cdbd7ebc6369b0
SHA256: afd3177ea74d77bc9e1e79ce3529cdeca6ba66f1b8dec66a97c244553227d112
SHA512: e464d09d8361cad2d5645b5aad449f2b80b6ae233e4f3d4767997b915b021b9442d5a2cfdae5ab1d08acf66e786463e19d62dbd389ba2e89d0e413372510dd42
SSDEEP: 12288:kMrBy90V3GaBXC/r3HiHbiCWgefQQ6sk+xXEG7VvJI:lyUN0r3HkbHefB6sMGVO
Static task: static1
Behavioral task: behavioral1
Sample: afd3177ea74d77bc9e1e79ce3529cdeca6ba66f1b8dec66a97c244553227d112.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
auth_value: 3491f24ae0250969cd45ce4b3fe77549
Targets
Target
afd3177ea74d77bc9e1e79ce3529cdeca6ba66f1b8dec66a97c244553227d112
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application