General
Target: 4d85bc38e0f98cc7251b831eff588ba268fa6c979ce5adc98b9fd87c1af0a8d4
Size: 603KB
Sample: 241111-gfmwwsvblf
MD5: 4cd18033feb28f4abb2f6f45118c4790
SHA1: 296e82de8ff251d51053be706feee1fa2cf254bf
SHA256: 4d85bc38e0f98cc7251b831eff588ba268fa6c979ce5adc98b9fd87c1af0a8d4
SHA512: f053895f05d2dfd0267059a690eb7a8edc1e420af506ddf51048b90066b703e6fcae3c6781e5f2aa1b80eb56065d75bff8a64a00348db1e84bebebfdf3f489d6
SSDEEP: 12288:JMriy90RoMzEE32mYL51yXiZ5KfCTI8M4p3Jlu5xAMgxJw8sS27:jyvNE/syXijKW3JEvAPxJPm
Static task: static1
Behavioral task: behavioral1
Sample: 4d85bc38e0f98cc7251b831eff588ba268fa6c979ce5adc98b9fd87c1af0a8d4.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
auth_value: 3491f24ae0250969cd45ce4b3fe77549
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application