General
-
Target
f3df4d8652798dd508511bc1b0972e48d5b247bb118ef5e4745c2bd8714beb91
-
Size
296KB
-
Sample
240417-rfpqlabb55
-
MD5
6f6d7e4fb3c9d0346eabeb6067c3a24a
-
SHA1
99e92c8bad5bf278862cc3079d49c216d91b878a
-
SHA256
f3df4d8652798dd508511bc1b0972e48d5b247bb118ef5e4745c2bd8714beb91
-
SHA512
305502541bf7d9282de56fd0cf9bdf64cad85ba281258bc43ab79325ea6be94a76d305b6aa6cf0eb4c79c94e46c617171bd1acde5a73ec50d5d13b4e8742ebf9
-
SSDEEP
6144:fAsKi1g1W9Df0Y2+6LqMRhNDS5sq3AkLS3wZZUETTn6XF2LoL8oj0CtMC:4segfrMrFSSqLLS3KZtTTnMFUoLVj0CZ
Static task
static1
Behavioral task
behavioral1
Sample
8370bc92f5cb661bd26f3bd5abb51f6d56c48acb438ae48aa3351044cd55678f.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
8370bc92f5cb661bd26f3bd5abb51f6d56c48acb438ae48aa3351044cd55678f.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
-
auth_value
44e87155dd7a4d1957a956ed040ff3fd
Targets
-
Target
8370bc92f5cb661bd26f3bd5abb51f6d56c48acb438ae48aa3351044cd55678f.exe
-
Size
444KB
-
MD5
1138566c2dc75fd97735373798d050b6
-
SHA1
8b6fbc0d77a58352a47f22967c75587e035eb357
-
SHA256
8370bc92f5cb661bd26f3bd5abb51f6d56c48acb438ae48aa3351044cd55678f
-
SHA512
e7105354c1031909d4c6365d37890c019030b4f0572c8082a663b36a4c99fa56baf22e850ef88801730221470f587fd866792d9d324335ecb0c48306e089b780
-
SSDEEP
6144:DF7tjrH2bZgOhRRxxLhCaigqdFKS8eGTvKdFj9ma3qJBgDnY598ICrcKHVg1GhWZ:DFBa73NYFgqjKNe399j3mgDmtyKoW
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-