General
-
Target
9847a5fc1cc63a44cbce7965d1dcd981bffb1010a3b6f310dc43aa38c1ee451d
-
Size
440KB
-
Sample
241105-dz82pathpr
-
MD5
bfbf85326777e629ccb8749a06954256
-
SHA1
ed2978d311e0d2dc0cbbc9b900323d649089aa06
-
SHA256
9847a5fc1cc63a44cbce7965d1dcd981bffb1010a3b6f310dc43aa38c1ee451d
-
SHA512
4ce854c8fe127de308b74a33f93e104e57fb58bef81ab381bc99aacc32917404ea98fd7894354dc53cc79f12e51c4977345ed6e7b9408bf41965e6ec21b5fdef
-
SSDEEP
12288:yMryy90Np7cO1Wt4uTY7mhTAFlj+jWSdPvB0:4yOcO+4IcF+jxw
Static task
static1
Behavioral task
behavioral1
Sample
9847a5fc1cc63a44cbce7965d1dcd981bffb1010a3b6f310dc43aa38c1ee451d.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
9847a5fc1cc63a44cbce7965d1dcd981bffb1010a3b6f310dc43aa38c1ee451d
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-