General
-
Target
05ac241afe67ee15a7782e5f0dfdc90549c11f4b886709e6a20040eff9dbca3e
-
Size
442KB
-
Sample
241105-f79djavmcy
-
MD5
cff7bc1d5d5eee363cea28521368d92f
-
SHA1
dbaa55c234e40f628b2bcca4d8e274ae739ef8c2
-
SHA256
05ac241afe67ee15a7782e5f0dfdc90549c11f4b886709e6a20040eff9dbca3e
-
SHA512
dba74611bfbfb0d49ecd21e6607ac64536bf696e2e0f23d6c826c91a33b5de0e5bf2be96194028525c8b5ef69bf7bc6dbc64659d526f95274b92b183f85ef1ec
-
SSDEEP
12288:RMrgy909YvwOKVpKDWU3ZAKSeAB40Nau:hyrI9VkDLAK730Nau
Static task
static1
Behavioral task
behavioral1
Sample
05ac241afe67ee15a7782e5f0dfdc90549c11f4b886709e6a20040eff9dbca3e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
Target
05ac241afe67ee15a7782e5f0dfdc90549c11f4b886709e6a20040eff9dbca3e
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-