General
Target: db55ed05b3ff0f5d19df28a056b5fcb304e60e4cf37e32b3ea428cd85490c8d3
Size: 479KB
Sample: 241111-j8mspszlgr
MD5: 39bcbf3624c15ff55009c9cff0f266cc
SHA1: 39bf28b3fd43f88fc0132716a96e758d621aaa45
SHA256: db55ed05b3ff0f5d19df28a056b5fcb304e60e4cf37e32b3ea428cd85490c8d3
SHA512: 88702dd089f93ed202811ac4ffd13468f4aa3173bee2bca9abcb902589957d611393a44e249d19d7a152691521d485c2fd760db3ad1e5f5e47f49cda8d664c68
SSDEEP: 6144:KDy+bnr+cp0yN90QEqVBNOLNeWsPY7ASm43TwH6BDq5rNNg9IhHZaltEQcBTAZZI:RMrEy90QeAYsIMHSer/kP1cTkZI
Static task: static1
Behavioral task: behavioral1
Sample: db55ed05b3ff0f5d19df28a056b5fcb304e60e4cf37e32b3ea428cd85490c8d3.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
auth_value: 3491f24ae0250969cd45ce4b3fe77549
Targets
Target: db55ed05b3ff0f5d19df28a056b5fcb304e60e4cf37e32b3ea428cd85490c8d3
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application