General
-
Target
ff7ea0bc8fa371abc258eb5ee5b240022337e77013f7c4c8534847c4cf88bdd5
-
Size
480KB
-
Sample
241111-bmewzazbrc
-
MD5
47004236a06c43c30bcb12a2589646cc
-
SHA1
251e473433f3fbe28c83e4e02cd86af947cf6ea2
-
SHA256
ff7ea0bc8fa371abc258eb5ee5b240022337e77013f7c4c8534847c4cf88bdd5
-
SHA512
52be21157e0297877d082783780d934d79939a4322595ad31234af4e70ef48980144c51f44dda74197cd78012bb93ed72c39bab22c9c162d39618f67efd9da95
-
SSDEEP
12288:1MrSy90I9o5wA/H2KwsuwHwYAFN3Aghm2HW:nyl+WKwsSlrA+pW
Static task
static1
Behavioral task
behavioral1
Sample
ff7ea0bc8fa371abc258eb5ee5b240022337e77013f7c4c8534847c4cf88bdd5.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
ff7ea0bc8fa371abc258eb5ee5b240022337e77013f7c4c8534847c4cf88bdd5
-
Size
480KB
-
MD5
47004236a06c43c30bcb12a2589646cc
-
SHA1
251e473433f3fbe28c83e4e02cd86af947cf6ea2
-
SHA256
ff7ea0bc8fa371abc258eb5ee5b240022337e77013f7c4c8534847c4cf88bdd5
-
SHA512
52be21157e0297877d082783780d934d79939a4322595ad31234af4e70ef48980144c51f44dda74197cd78012bb93ed72c39bab22c9c162d39618f67efd9da95
-
SSDEEP
12288:1MrSy90I9o5wA/H2KwsuwHwYAFN3Aghm2HW:nyl+WKwsSlrA+pW
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-