General
-
Target
510ce394eecbdd681e733d256d995fcfd17739be07c9032e8406f0b3d6d36017
-
Size
441KB
-
Sample
241105-c9g6aatdml
-
MD5
e3c4788c87aeef2c97680b5e8b88a8d1
-
SHA1
7f6bfef027ae81c5ff0779373913ddc11730bddb
-
SHA256
510ce394eecbdd681e733d256d995fcfd17739be07c9032e8406f0b3d6d36017
-
SHA512
ca0ff672aeeb6e2d4d0f8e1b1318bcfaec83ea42730eb8d6d4f24309abb012a509e1bcd39e3a29da0611f69db7fb4c727005c3dc96c38fa154bc855cd3a9886e
-
SSDEEP
12288:CMrpy903vN7H7EfwY9DU5iSD4FnUlnzh31y:zy+FH7EfL0p4uVza
Static task
static1
Behavioral task
behavioral1
Sample
510ce394eecbdd681e733d256d995fcfd17739be07c9032e8406f0b3d6d36017.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
510ce394eecbdd681e733d256d995fcfd17739be07c9032e8406f0b3d6d36017
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-