General
-
Target
6790625ce4413f2c74c7c14b5dbadb20d54200bfa7564c56a2817d2771137e3b
-
Size
479KB
-
Sample
241111-kf42yswfqp
-
MD5
f4c21957789821f9d20cde4c0b4472b4
-
SHA1
f1057e4c6cb96107f7fbdb00712542ca1c1d66a6
-
SHA256
6790625ce4413f2c74c7c14b5dbadb20d54200bfa7564c56a2817d2771137e3b
-
SHA512
f8e60b5e86c0610434ae8986c8011fa48f9fdfe7fbeee0cf580f8006ca985f17f991c66c3a71cdd449ef7e5d9684058fb21ceb1f09bd6063710947ede1928f56
-
SSDEEP
12288:oMray90PTp6xMjvdFBAAFxFvc+U3MIn6Qh:iyfG1FBAA9vcvcInx
Static task
static1
Behavioral task
behavioral1
Sample
6790625ce4413f2c74c7c14b5dbadb20d54200bfa7564c56a2817d2771137e3b.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
Target
6790625ce4413f2c74c7c14b5dbadb20d54200bfa7564c56a2817d2771137e3b
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-