General
-
Target
2eac90508d95b865940a6137fa72065a9fa1e4e61f6d8c4f8f64465da0a311fe
-
Size
440KB
-
Sample
241105-bdke4azrbw
-
MD5
3b0a6f4562efe47365424cec22ad0621
-
SHA1
e932721fc13ee2de7911ba123ee2453979657290
-
SHA256
2eac90508d95b865940a6137fa72065a9fa1e4e61f6d8c4f8f64465da0a311fe
-
SHA512
3b4d2a058361b09a411c26f1cf946a6c99e825145d30f4b10097c301bac92ef792613216dd0ed9186747743e5644f124b05f778904f79a0d3409753cf7fb8f68
-
SSDEEP
12288:EMr+y90YyhbDlc3gEd9bcCUfmU6CwWmjvOjob:KyvyhFc3gwpUOHYImjob
Static task
static1
Behavioral task
behavioral1
Sample
2eac90508d95b865940a6137fa72065a9fa1e4e61f6d8c4f8f64465da0a311fe.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-