General
-
Target
912052718736e0d72cdd3ff9d6f00d2b27cc03463f2ee3b9c75f15f77d6f29e6
-
Size
875KB
-
Sample
241111-hs3zbawakg
-
MD5
b9cf42e64cde9791ef84272f1fce102b
-
SHA1
4df7a4c3f6687f8c91157a8ab4ab13def6502eca
-
SHA256
912052718736e0d72cdd3ff9d6f00d2b27cc03463f2ee3b9c75f15f77d6f29e6
-
SHA512
bc48b08826c566469b66aab8501b28376a76eb6f069363ce944baf01f7b813fed42f8e3bc2d61205070b4773476ad7a32a41c05ed8ec65f91dec2ee986bd6f19
-
SSDEEP
24576:MykJ72FkCQ5WAmCXPbG8668zjtN/iZInQuBEPak2+7p:7CAfgmCXPXCHg0FSP
Static task
static1
Behavioral task
behavioral1
Sample
912052718736e0d72cdd3ff9d6f00d2b27cc03463f2ee3b9c75f15f77d6f29e6.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
diora
185.161.248.75:4132
-
auth_value
4c17e0c4a574a5b11a6e41e692dedcb3
Targets
-
-
Target
912052718736e0d72cdd3ff9d6f00d2b27cc03463f2ee3b9c75f15f77d6f29e6
-
Size
875KB
-
MD5
b9cf42e64cde9791ef84272f1fce102b
-
SHA1
4df7a4c3f6687f8c91157a8ab4ab13def6502eca
-
SHA256
912052718736e0d72cdd3ff9d6f00d2b27cc03463f2ee3b9c75f15f77d6f29e6
-
SHA512
bc48b08826c566469b66aab8501b28376a76eb6f069363ce944baf01f7b813fed42f8e3bc2d61205070b4773476ad7a32a41c05ed8ec65f91dec2ee986bd6f19
-
SSDEEP
24576:MykJ72FkCQ5WAmCXPbG8668zjtN/iZInQuBEPak2+7p:7CAfgmCXPXCHg0FSP
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-