General
-
Target
6712ab83171d583ff887c143150002ebfdfc8423ecdf2f757380337c03b7a80f
-
Size
441KB
-
Sample
241105-ds446atgnl
-
MD5
2fa6459fb760a81f7082e9e295bad110
-
SHA1
06a724529aaafd85b910bff58fe41c288cfce68d
-
SHA256
6712ab83171d583ff887c143150002ebfdfc8423ecdf2f757380337c03b7a80f
-
SHA512
fa45540ef14a768fc7fb827c5228a0bede1120f261d3d8148e93c20e3eb5a294354e4f99677ae89c353946ba1ede1ee190475e6376dd8acce2bc813c36749bf8
-
SSDEEP
6144:Kvy+bnr+bp0yN90QEvZSYt/66NNfxewt+qZb1D2N5a05uUmMPM/eyAac1XxJFpHK:tMrPy90f/ySN0hqZZIuiUDPcfpHK
Static task
static1
Behavioral task
behavioral1
Sample
6712ab83171d583ff887c143150002ebfdfc8423ecdf2f757380337c03b7a80f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
6712ab83171d583ff887c143150002ebfdfc8423ecdf2f757380337c03b7a80f
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-