General
-
Target
435ac88803c8f59d9793ee92d8ff5aa56756bf2700300b0b59ae72eab722c155
-
Size
442KB
-
Sample
241105-gtdkdaymcr
-
MD5
907f1b666bc8e36d7fce5ee3de427e4e
-
SHA1
edda62631d243d97e39d52e3e7d78141c17136c1
-
SHA256
435ac88803c8f59d9793ee92d8ff5aa56756bf2700300b0b59ae72eab722c155
-
SHA512
f6ab594057d08b70f39981be7a2af0fca9478260ac56794be8c615f114f223c6230e0ea39fd61c95fd3de66582e942a1da1f71af681f29c536f95adf720b3eba
-
SSDEEP
6144:KVy+bnr+jp0yN90QEhYNAIwIxpdfMQmVtgKZw8KDWClmo3AIoKEiBwajoKSB6ugb:nMrDy903YvwOKVpKDWU3ZAKSeAB40Y
Static task
static1
Behavioral task
behavioral1
Sample
435ac88803c8f59d9793ee92d8ff5aa56756bf2700300b0b59ae72eab722c155.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
435ac88803c8f59d9793ee92d8ff5aa56756bf2700300b0b59ae72eab722c155
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-