General
-
Target
d549e5b03c334264154835bd297349ea3e3483b3ead3ef1a2c0a1912f0846ca8
-
Size
440KB
-
Sample
241105-ct5awa1rfx
-
MD5
53e21e5852a6559d875ccaef83077db5
-
SHA1
bb59675f785fb037e8c52770ba5335dfe0b8344c
-
SHA256
d549e5b03c334264154835bd297349ea3e3483b3ead3ef1a2c0a1912f0846ca8
-
SHA512
c3e8141a3604f9ff5e1a440fc3648194b14f2cb5b0b36b6da7c08ddcec8b1aeadc150fc8e86ca67138a41b146ee158a777c339974b2dce45898527c8e710d0ea
-
SSDEEP
12288:lMr6y90wgVReFeUM5uQ3s1nxinYWoKpzx9:LyJgDSpQc1nxsY9qF9
Static task
static1
Behavioral task
behavioral1
Sample
d549e5b03c334264154835bd297349ea3e3483b3ead3ef1a2c0a1912f0846ca8.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
d549e5b03c334264154835bd297349ea3e3483b3ead3ef1a2c0a1912f0846ca8
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-