General
-
Target
0c903acd8212b0e7d09f9a8c6a7ce909377951efb05ddd325ada1f374b06d30d
-
Size
566KB
-
Sample
241111-e2dh8ssgll
-
MD5
ffdbf2c5ae59e0d6f7947638752e9249
-
SHA1
b6afeeec0198029e5ea0315790ef056ef5b64ef8
-
SHA256
0c903acd8212b0e7d09f9a8c6a7ce909377951efb05ddd325ada1f374b06d30d
-
SHA512
753efa4f5261689f2313359b1be2cae2c690a8fe243ed498597a80fc576571f2ce09c294ab3c774c01529dcd4ec4428911640c365615fb457ce077762ae7b7b6
-
SSDEEP
12288:6Mr7y90PNOqvGneju5AQBqvoqFcfEBrrE2OHg2yOAYIr6rkBEr:5yQOIG3ADAqFoirrE2h+AYxkC
Static task
static1
Behavioral task
behavioral1
Sample
0c903acd8212b0e7d09f9a8c6a7ce909377951efb05ddd325ada1f374b06d30d.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
darm
217.196.96.56:4138
-
auth_value
d88ac8ccc04ab9979b04b46313db1648
Targets
-
-
Target
0c903acd8212b0e7d09f9a8c6a7ce909377951efb05ddd325ada1f374b06d30d
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-