General
-
Target
01f238be78d778bb061a995b9511860dbdfc84d78921f57e02a01f66b7c7365e
-
Size
442KB
-
Sample
241105-b37lxs1hkh
-
MD5
fc4fb7feb0116b04ebd0d762929d0696
-
SHA1
fc8fb56f67fdad245ea5eb63dd273d6465bdb0e8
-
SHA256
01f238be78d778bb061a995b9511860dbdfc84d78921f57e02a01f66b7c7365e
-
SHA512
8dd7bc3fedbe1de834322b110fd9dfabb7a1b1f98f78904b820a314758a2516f5069cb77ce89a721ce10e50d0f300ce764a1302dbc8d65cd2790cc7621e55568
-
SSDEEP
12288:/MrFy90E+8ffHfgOBfANsMztBc6hO8YQhx0Y:my3vfvDBYNFtBc1syY
Static task
static1
Behavioral task
behavioral1
Sample
01f238be78d778bb061a995b9511860dbdfc84d78921f57e02a01f66b7c7365e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
01f238be78d778bb061a995b9511860dbdfc84d78921f57e02a01f66b7c7365e
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-