General
-
Target
8a853a12ae05691dbb8fe3ad7de8212f0a7cf74f7e767968c3a9ceabdaf41110
-
Size
433KB
-
Sample
241104-3r21vayra1
-
MD5
981119722e67d2a39b20a397b5ccb259
-
SHA1
c9c4c89318338e0ab2678700e7f498bc17ba6958
-
SHA256
8a853a12ae05691dbb8fe3ad7de8212f0a7cf74f7e767968c3a9ceabdaf41110
-
SHA512
11426b09d5578d8c8368edf93155df868b19ecae9cc9f5c5ef9e3798ec4eea99d6ea52af8a5eb5628c50c9ea57e856c09b01b7048676a22abd0c8e53479a51e0
-
SSDEEP
12288:XMr8y90iWCWbxy59C7a3Y3PfMLFROcw3:TyFWCWbsrC7a3YffM5RNu
Static task
static1
Behavioral task
behavioral1
Sample
8a853a12ae05691dbb8fe3ad7de8212f0a7cf74f7e767968c3a9ceabdaf41110.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
8a853a12ae05691dbb8fe3ad7de8212f0a7cf74f7e767968c3a9ceabdaf41110
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-