General
-
Target
1bc3acf0f946684a1e6367f941460e4c359755a24e716f34eede42dc0db9c78e.exe
-
Size
403KB
-
Sample
241113-phemassbpm
-
MD5
d2457dbe5979649366dcd81255759b73
-
SHA1
cbb4af18d3c166a3cf3b4d7e5ded40b0bcaf5e58
-
SHA256
1bc3acf0f946684a1e6367f941460e4c359755a24e716f34eede42dc0db9c78e
-
SHA512
e2b5c9621caa455a0115e04a9b8bef743c17854f1d1da2bde0cdd8670899f52147417160a2e5fff615fa4d917975eef0c5c51403a3ad38ebb41b2efeb2b34c54
-
SSDEEP
6144:3IQX0MvmkY7ZCulsqm03mIUUMrMzU8iHNL7NlFBa:3IQkMvmkYNCuGqJWIkMHitvHFBa
Static task
static1
Behavioral task
behavioral1
Sample
1bc3acf0f946684a1e6367f941460e4c359755a24e716f34eede42dc0db9c78e.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
1bc3acf0f946684a1e6367f941460e4c359755a24e716f34eede42dc0db9c78e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rosn
176.113.115.145:4125
-
auth_value
050a19e1db4d0024b0f23b37dcf961f4
Targets
Target
1bc3acf0f946684a1e6367f941460e4c359755a24e716f34eede42dc0db9c78e.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family