General
-
Target
7e620c2e24ed7ad30581ba40ff285ce844a62ccb3efef7226cb808fd8dc8b588
-
Size
1.1MB
-
Sample
241111-hnxxhatrby
-
MD5
9df9a4fca937582bc0f3391728c24d9e
-
SHA1
7061f83a1076d374b631ac9d2b61546135c78b32
-
SHA256
7e620c2e24ed7ad30581ba40ff285ce844a62ccb3efef7226cb808fd8dc8b588
-
SHA512
c6cc7b120559a85e9f4dd8d054f9cf939efbf55c37933f549bf387a0d0ce3c0c8410b2ef0aaed4ae1a0ad577424c5e8c3eff8c80f7008e8cdfd0464f890dafad
-
SSDEEP
24576:YyMAwislcRvZ50AVxqMJqvLHr0yNUeBYHHJ2Mj7:fMgicRH0AVx6vLwypYZ
Static task
static1
Behavioral task
behavioral1
Sample
7e620c2e24ed7ad30581ba40ff285ce844a62ccb3efef7226cb808fd8dc8b588.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
doma
185.161.248.75:4132
-
auth_value
8be53af7f78567706928d0abef953ef4
Targets
-
-
Target
7e620c2e24ed7ad30581ba40ff285ce844a62ccb3efef7226cb808fd8dc8b588
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-