General
-
Target
dad7497bc9109ca7d113211b60d57887b20c232221c91dab42b88001eb6bf336
-
Size
442KB
-
Sample
241105-ckw8xascmh
-
MD5
fd4e83d736466f3168c5d797a4cf57f7
-
SHA1
9dd71aec0a12bbe31e27286d0fac2001c9e39ede
-
SHA256
dad7497bc9109ca7d113211b60d57887b20c232221c91dab42b88001eb6bf336
-
SHA512
3a9b05550ca96ec753582f7ce158592dc84c0d527abfab480cc56466446b6765f74ae84459cd6b5adbe24a77bfd14584677ade5adbf57f473822d283286e0aa9
-
SSDEEP
12288:fMrty90gxQih1l5eJwD7ob0ZR0DC/oaz0oHItk:eyph1HeJwD7oocpa4R6
Static task
static1
Behavioral task
behavioral1
Sample
dad7497bc9109ca7d113211b60d57887b20c232221c91dab42b88001eb6bf336.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
dad7497bc9109ca7d113211b60d57887b20c232221c91dab42b88001eb6bf336
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-