General
-
Target
8117c769f94ebf88525fc8c7b22ab9c5d8d72a0729b7ed1ca7fca823cadf2065
-
Size
442KB
-
Sample
241105-bwqd3ascmm
-
MD5
d9ed2d6a35509b501d1d23fb86f3b145
-
SHA1
f3e6e85671f103957adcc6ef6f23fd7add64b9bf
-
SHA256
8117c769f94ebf88525fc8c7b22ab9c5d8d72a0729b7ed1ca7fca823cadf2065
-
SHA512
f16d0a4d02f02b959e245b6a7b21071d1bd6a2e29e2789b6946f9dc98a4f2e05d1deee429f7e08d1a559baed96d61b74a91cfef7fc6c71d7d95a27045ad7a229
-
SSDEEP
6144:KOy+bnr+ip0yN90QEMBEyWzP8Hao4s+9V6odP5B/d34Rbs94mp77Lip1e:GMrOy90a2yQIao4r6opPiRs94NPe
Static task
static1
Behavioral task
behavioral1
Sample
8117c769f94ebf88525fc8c7b22ab9c5d8d72a0729b7ed1ca7fca823cadf2065.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
8117c769f94ebf88525fc8c7b22ab9c5d8d72a0729b7ed1ca7fca823cadf2065
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-