General
-
Target
50100a111e859bd8a1371e78ddb40fb440f527420b1c40de82793a7e00ad7723
-
Size
587KB
-
Sample
241111-bcyw4azamc
-
MD5
a81cc9e938ed6f0369ca08db243e3a4d
-
SHA1
e3443c94334caf10c0ea50cf7cc227e94774b4d5
-
SHA256
50100a111e859bd8a1371e78ddb40fb440f527420b1c40de82793a7e00ad7723
-
SHA512
9a775976a1a0151be1ddbe04a8295d575e16f1d64e15acba517c9d7378b5c0c8177b9ad8c272f15068e636291904eddeb2ac0614311d71a2c487274a6179d7c6
-
SSDEEP
12288:3Mroy90Ltv6jYCt4drweRd/Lrp/u6tMBwRbqP6xIHM:3yaDg41wqL1sBw9zKs
Static task
static1
Behavioral task
behavioral1
Sample
50100a111e859bd8a1371e78ddb40fb440f527420b1c40de82793a7e00ad7723.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
Target
50100a111e859bd8a1371e78ddb40fb440f527420b1c40de82793a7e00ad7723
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-