General

Target: 800f15ab20f6ac3b2799b493b3190262a923fbfdb085c94fbad3cf41bccfb2a0
Size: 480KB
Sample: 241111-gv37esvdkd
MD5: 6ff62ca978a347daa0ab5a940a300279
SHA1: 313237c86f0f656a33d7cd8596a57490c8b01576
SHA256: 800f15ab20f6ac3b2799b493b3190262a923fbfdb085c94fbad3cf41bccfb2a0
SHA512: 50d85ca15eeeabcbff128dabcc6f57e2cd470661e6ceafc89b9a80350e0f6e10598f1312ce5e930510244ab73015253eff0cd794c3886e8e50d70c146eac4aa1
SSDEEP: 6144:KUy+bnr+Ap0yN90QEAY+0ZCmDzB7vhgFP55/tvqlba7pX7KQ8vWYcC+BbRznWkre:UMr4y90GWDDVveUbsKrV+vzrDSy8

Static task: static1

Behavioral task: behavioral1
Sample: 800f15ab20f6ac3b2799b493b3190262a923fbfdb085c94fbad3cf41bccfb2a0.exe
Resource: win10v2004-20241007-en

Malware Config

Extracted
Family: redline
Botnet: daris
C2: 217.196.96.56:4138
auth_value: 3491f24ae0250969cd45ce4b3fe77549

Targets

Target: 800f15ab20f6ac3b2799b493b3190262a923fbfdb085c94fbad3cf41bccfb2a0
Size: 480KB
MD5: 6ff62ca978a347daa0ab5a940a300279
SHA1: 313237c86f0f656a33d7cd8596a57490c8b01576
SHA256: 800f15ab20f6ac3b2799b493b3190262a923fbfdb085c94fbad3cf41bccfb2a0
SHA512: 50d85ca15eeeabcbff128dabcc6f57e2cd470661e6ceafc89b9a80350e0f6e10598f1312ce5e930510244ab73015253eff0cd794c3886e8e50d70c146eac4aa1
SSDEEP: 6144:KUy+bnr+Ap0yN90QEAY+0ZCmDzB7vhgFP55/tvqlba7pX7KQ8vWYcC+BbRznWkre:UMr4y90GWDDVveUbsKrV+vzrDSy8

Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application