General
-
Target
57e6ff68613ec91d0a08229799fe2a0d4ade18a127bc5cf6b21241b56dc8c2fb
-
Size
1.1MB
-
Sample
241105-dr82qatglr
-
MD5
c54c110ec153850b5b6770528ae44f09
-
SHA1
03798600aae907045aa06b170d1f98652fa7c479
-
SHA256
57e6ff68613ec91d0a08229799fe2a0d4ade18a127bc5cf6b21241b56dc8c2fb
-
SHA512
021e473f0b2cbaf6b70d4ee824f5d136a059ad446901a5ae8eaca382d067e9b99ffcd38a15f7be4697aa1152fb1cb9dec9ec4f87ff880839413d8a3d0816d501
-
SSDEEP
24576:AyLvjh4vXfwzpfLiIx4oMmjBcggtBcRXLB0ikQi8+9gw+tZku:HLvjh4vPwtjiIx4ohCt+x90i1i8+9z+t
Static task
static1
Behavioral task
behavioral1
Sample
57e6ff68613ec91d0a08229799fe2a0d4ade18a127bc5cf6b21241b56dc8c2fb.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
57e6ff68613ec91d0a08229799fe2a0d4ade18a127bc5cf6b21241b56dc8c2fb
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-