General
-
Target
816a7654a98b7660213f55ee1bee70feb66f99cae1206ddf4a96308f20b756d6
-
Size
433KB
-
Sample
241105-kt7d8sxnc1
-
MD5
b4904a884ea49f34dbed348cd823cc61
-
SHA1
c4b42fb7be6b43929dd4c58b20959a458598f39d
-
SHA256
816a7654a98b7660213f55ee1bee70feb66f99cae1206ddf4a96308f20b756d6
-
SHA512
b5afa95cfeffe2e2b56b86eb995d19d694e7667b9ab19c3351b19af92207d441ad949adf0742c3daa1336e7a6a3d62f2a9825fc8e3514a58e5661b2a47738f2f
-
SSDEEP
12288:CMrry90h78bm8q4pif/DdRm19HgnHkXO05WF:5yfmX7Dd0XAE+oW
Static task
static1
Behavioral task
behavioral1
Sample
816a7654a98b7660213f55ee1bee70feb66f99cae1206ddf4a96308f20b756d6.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
816a7654a98b7660213f55ee1bee70feb66f99cae1206ddf4a96308f20b756d6
-
Size
433KB
-
MD5
b4904a884ea49f34dbed348cd823cc61
-
SHA1
c4b42fb7be6b43929dd4c58b20959a458598f39d
-
SHA256
816a7654a98b7660213f55ee1bee70feb66f99cae1206ddf4a96308f20b756d6
-
SHA512
b5afa95cfeffe2e2b56b86eb995d19d694e7667b9ab19c3351b19af92207d441ad949adf0742c3daa1336e7a6a3d62f2a9825fc8e3514a58e5661b2a47738f2f
-
SSDEEP
12288:CMrry90h78bm8q4pif/DdRm19HgnHkXO05WF:5yfmX7Dd0XAE+oW
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-