General
-
Target
948771c3987b05dd07cc2cd82c91dd115580dbd2ffedfd2e22a5190c5a4cb3ee
-
Size
600KB
-
Sample
241111-mk8baaxmdw
-
MD5
349c6d8310cdbd6fedf14ee138e96b20
-
SHA1
c196bf22eeb85526c368b7527aef83e0fe273f56
-
SHA256
948771c3987b05dd07cc2cd82c91dd115580dbd2ffedfd2e22a5190c5a4cb3ee
-
SHA512
7f9f8c2bfdf51dd255ad53c7959ade600033f7404bdd9b5ad01471535d88993d71904dadf468ca98187af4ffc7624a2e0104c5b8c70235f55ddf93b9e0f93a7a
-
SSDEEP
12288:dMruy90RZWkPxX6el2rFcLQSGR06kdtG984tzJ7K9C:DyOEktPl2ZccQc984tzJ7K9C
Static task
static1
Behavioral task
behavioral1
Sample
948771c3987b05dd07cc2cd82c91dd115580dbd2ffedfd2e22a5190c5a4cb3ee.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
daris
217.196.96.56:4138
-
auth_value
3491f24ae0250969cd45ce4b3fe77549
Targets
-
-
Target
948771c3987b05dd07cc2cd82c91dd115580dbd2ffedfd2e22a5190c5a4cb3ee
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-