General
-
Target
c3e2a6f61b9707637e58b6d077df43628896080d4602304c537fc73e1e6a7d9f
-
Size
604KB
-
Sample
241111-hnd5dsvhmf
-
MD5
bcad8193483715e5e89bf225a10fb394
-
SHA1
2d817d268e2a3ace7f5f4ff202ec2b5c1cf26a9a
-
SHA256
c3e2a6f61b9707637e58b6d077df43628896080d4602304c537fc73e1e6a7d9f
-
SHA512
0cdd0b7c67ecfccb0d949a3a5831894abc38738e9e0fce92d8af14b9de20481586b79b9bf1e32db08b7d0c58dce54ba976eec9384bddd4b0a54bec3f837b1171
-
SSDEEP
12288:4Mr+y90S4DQiCc3rpCpcKWcJ1aXkSiXKu5xAMgxpG6y:2ygD5CcdChD0UDXjvAPxPy
Static task
static1
Behavioral task
behavioral1
Sample
c3e2a6f61b9707637e58b6d077df43628896080d4602304c537fc73e1e6a7d9f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
c3e2a6f61b9707637e58b6d077df43628896080d4602304c537fc73e1e6a7d9f
-
Size
604KB
-
MD5
bcad8193483715e5e89bf225a10fb394
-
SHA1
2d817d268e2a3ace7f5f4ff202ec2b5c1cf26a9a
-
SHA256
c3e2a6f61b9707637e58b6d077df43628896080d4602304c537fc73e1e6a7d9f
-
SHA512
0cdd0b7c67ecfccb0d949a3a5831894abc38738e9e0fce92d8af14b9de20481586b79b9bf1e32db08b7d0c58dce54ba976eec9384bddd4b0a54bec3f837b1171
-
SSDEEP
12288:4Mr+y90S4DQiCc3rpCpcKWcJ1aXkSiXKu5xAMgxpG6y:2ygD5CcdChD0UDXjvAPxPy
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-