General
-
Target
48bc43cc7f553bc193c50cceeb308142e7e4fbcd85920f9c5d63ad43edb0c3d4
-
Size
433KB
-
Sample
241104-3qhwkssman
-
MD5
9efe3ada3c741a658eb1bc35c74098da
-
SHA1
1a9ddd1880474416d2770d286cbbc1f298bca620
-
SHA256
48bc43cc7f553bc193c50cceeb308142e7e4fbcd85920f9c5d63ad43edb0c3d4
-
SHA512
4c5bbbfb4ebab1e756dcb5776f05b076ba61a22e9dfb52baa0a5b70ceeb0cd317c71cd0d8e2c2ad13342d110e80b2bf39b24cd6561a362df8780252417d80ca9
-
SSDEEP
12288:kMrby90978bm8q4pif/DdRm19HgnHkXw0n2X:HyLmX7Dd0XAEgqI
Static task
static1
Behavioral task
behavioral1
Sample
48bc43cc7f553bc193c50cceeb308142e7e4fbcd85920f9c5d63ad43edb0c3d4.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
48bc43cc7f553bc193c50cceeb308142e7e4fbcd85920f9c5d63ad43edb0c3d4
-
Size
433KB
-
MD5
9efe3ada3c741a658eb1bc35c74098da
-
SHA1
1a9ddd1880474416d2770d286cbbc1f298bca620
-
SHA256
48bc43cc7f553bc193c50cceeb308142e7e4fbcd85920f9c5d63ad43edb0c3d4
-
SHA512
4c5bbbfb4ebab1e756dcb5776f05b076ba61a22e9dfb52baa0a5b70ceeb0cd317c71cd0d8e2c2ad13342d110e80b2bf39b24cd6561a362df8780252417d80ca9
-
SSDEEP
12288:kMrby90978bm8q4pif/DdRm19HgnHkXw0n2X:HyLmX7Dd0XAEgqI
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-