General
-
Target
fa577a1c6bb4436ad22420a16c0d0f7e4a8064d5dc444479a36be7682f4c5903
-
Size
441KB
-
Sample
241105-bt7kkascjr
-
MD5
689e6ca3bb2d7257438c22af8cfd9b29
-
SHA1
119ff3a7c8fadfca6ae362702e15881c5b775fad
-
SHA256
fa577a1c6bb4436ad22420a16c0d0f7e4a8064d5dc444479a36be7682f4c5903
-
SHA512
a0441e7e587a87b96947454e67fc89c476b2635028e412f7997e6e78b7f05eddc31dcf3c5e45baf5dad175ae3ed1b67c2a1fcdf73d802723f66f19d73a73b947
-
SSDEEP
12288:fMrzy90JvN7H7EfwY9DU5iSD4FnUlnzhZ1Hl:cyAFH7EfL0p4uVzf
Static task
static1
Behavioral task
behavioral1
Sample
fa577a1c6bb4436ad22420a16c0d0f7e4a8064d5dc444479a36be7682f4c5903.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
fa577a1c6bb4436ad22420a16c0d0f7e4a8064d5dc444479a36be7682f4c5903
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-