General
Target: ffac52e0895b0806520ab4b7b6358d904bfee7119ef5121fb39d270c34ae291e
Size: 433KB
Sample: 241106-1l8kbsxpav
MD5: 5617eed799945c8cdf70011768c2bbff
SHA1: 09bbab93cb5188676d7b0c847ca4eae1fdc9236c
SHA256: ffac52e0895b0806520ab4b7b6358d904bfee7119ef5121fb39d270c34ae291e
SHA512: ace3f81eb8269fa44e32716b405ae1a21a07e479239d4fafd89c762a2010a9a21975a01c9d5a1e670751ab065c546a56da946cc67a758401cb3b01a26b30a203
SSDEEP: 12288:jMr2y90OWCWbxy59C7a3Y3PfMLFROcwLW:hypWCWbsrC7a3YffM5RNP
Static task: static1
Behavioral task: behavioral1
Sample: ffac52e0895b0806520ab4b7b6358d904bfee7119ef5121fb39d270c34ae291e.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
auth_value: 59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Target: ffac52e0895b0806520ab4b7b6358d904bfee7119ef5121fb39d270c34ae291e
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application