General
-
Target
8d595c827a49916221d6b77343b86d36d04850ae34459c4a333b421a8f534ae6
-
Size
567KB
-
Sample
241111-bsajfazcre
-
MD5
64b4d1929a43b783b7376d4e01da0015
-
SHA1
09cb7e9cad00cf3a484e8ae29499557c90d46244
-
SHA256
8d595c827a49916221d6b77343b86d36d04850ae34459c4a333b421a8f534ae6
-
SHA512
45db0d7ced9b1a7c3d8b9beff7b50238637a5bbe40b306cf33a2ca593cdb4927a78cada823d4a42e0e9d3a5a502bad4217447409d37206d90371cc9245a3ff43
-
SSDEEP
12288:vMr9y9091OI6NdomLJMXvgbj00bUYc9TP59WzUc0y1Xf3AfToFrWX:uy+QpAvgXZq9TR9VcBX4
Static task
static1
Behavioral task
behavioral1
Sample
8d595c827a49916221d6b77343b86d36d04850ae34459c4a333b421a8f534ae6.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
darm
217.196.96.56:4138
-
auth_value
d88ac8ccc04ab9979b04b46313db1648
Targets
-
-
Target
8d595c827a49916221d6b77343b86d36d04850ae34459c4a333b421a8f534ae6
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-