General
-
Target
7df622f1d050a5161f0627b239e6ed860a8af0952a2c40080a80adada3eaaa46
-
Size
587KB
-
Sample
241111-fm63nssngt
-
MD5
6b96a132d4fcdec912ac7f30de9edce9
-
SHA1
64815d3f7115c0a00cd578a14f76559a2b5e6157
-
SHA256
7df622f1d050a5161f0627b239e6ed860a8af0952a2c40080a80adada3eaaa46
-
SHA512
ff51fccf32d04d395948b43f6a80b0db53310fd49262375d7cc82b6b22f4ae6167baf70abb63bada1cc316086b98096604d7012d28e82ef47294a463d29c2927
-
SSDEEP
12288:6Mrwy90OI5VvjP1uMQi2wcMI4KP8DRCMvSzMGEqHixjb:6y2j8W2wwwDGEqHMX
Static task
static1
Behavioral task
behavioral1
Sample
7df622f1d050a5161f0627b239e6ed860a8af0952a2c40080a80adada3eaaa46.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
7df622f1d050a5161f0627b239e6ed860a8af0952a2c40080a80adada3eaaa46
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-