General
-
Target
eb5d46c0a41292c608b141d3e69f30056783ef4c74981c0991569cf4623ecb67
-
Size
1.5MB
-
Sample
241111-gvx1eavakl
-
MD5
8fb7e3c010447acdb646dc1f880b3cc9
-
SHA1
b430ae10b7b154f72a1e5fe575f981b3cbafce3a
-
SHA256
eb5d46c0a41292c608b141d3e69f30056783ef4c74981c0991569cf4623ecb67
-
SHA512
a023d7c449863fb71f1ba5421d43724bea45b613f7ab219574f631e15a59e824f02f70e0fcc5c0a272bda91b71d76223acca0fbcbc4146c93f0e06ce1d7880bb
-
SSDEEP
24576:YyzTAHlDPygIawtyvMpMvRF5MJ1TWxi4/9Jb/P7MJY2ibq2vbFBVgii1YmDkD:f4Fj5IaYQveJtQimX4idbzvGNHD
Static task
static1
Behavioral task
behavioral1
Sample
eb5d46c0a41292c608b141d3e69f30056783ef4c74981c0991569cf4623ecb67.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
most
185.161.248.73:4164
-
auth_value
7da4dfa153f2919e617aa016f7c36008
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-