General
Target
b07931d629e103912f998295e30ef358ab16e44b760a28c9f20b7509b207f6d1
Size
441KB
Sample
241105-fb9pesvdjf
MD5
733d443a2c0ecdd87e1437bb85ba4b5e
SHA1
effee3cc37ff81be3ec5ebef98767ffb41a1857e
SHA256
b07931d629e103912f998295e30ef358ab16e44b760a28c9f20b7509b207f6d1
SHA512
f3f24bd99d5627604831eb710923242dd0a239b7bd149a18f68b2755b2108856defd2febac9da3b936f0d5c968c3a56b8c94e970637ca596fe8a138c33fd5d35
SSDEEP
6144:Kcy+bnr+5p0yN90QEkxvPKKPW4IK73XYroESG9/OYTXV9nJdH05iSqe8u4FnUnG0:sMr1y90yvN7H7EfwY9DU5iSD4FnU5TN
Static task
static1
Behavioral task
behavioral1
Sample
b07931d629e103912f998295e30ef358ab16e44b760a28c9f20b7509b207f6d1.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application