General
Target: b03677b8ed25f0fedb608b1f5662b175c2675841e6c70b2d88e4c8000b71b735
Size: 567KB
Sample: 241111-fwls4atfrd
MD5: e33b8b0c8cc3fff2f438eea155af1d90
SHA1: ffd4bec88cc69c83be5413e5e0b8b80ca62f23cd
SHA256: b03677b8ed25f0fedb608b1f5662b175c2675841e6c70b2d88e4c8000b71b735
SHA512: d7d579f1880965e5ad84c1e7d337c731f78012f47db2ddccd42b5101166b35e14a0c41c9c10f1a37f96573b515759fb8d28f4e9df370aa143b93f527c7a18c8d
SSDEEP: 12288:3MrLy90Wr4s7i7FXz0+rM3lq8MRzRpJdt2mihPPls+:UyRr4sG7FD0hVq88zdLihPT
Static task: static1
Behavioral task: behavioral1
Sample: b03677b8ed25f0fedb608b1f5662b175c2675841e6c70b2d88e4c8000b71b735.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
auth_value: 3491f24ae0250969cd45ce4b3fe77549
Targets
Target: b03677b8ed25f0fedb608b1f5662b175c2675841e6c70b2d88e4c8000b71b735
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application