General
-
Target
3ae6345b82a552c303571b0028052172b1562f2c6f0ec81a8342ce7f75cbb1f0
-
Size
441KB
-
Sample
241106-2zs78sskdr
-
MD5
29e37a90a7572b3fa8b324293ceaecfa
-
SHA1
737952af5fbf451942351dc0938f6a58e01ce1eb
-
SHA256
3ae6345b82a552c303571b0028052172b1562f2c6f0ec81a8342ce7f75cbb1f0
-
SHA512
e4b92bcd993ca30196033f89fe5c7ab59f9592e79e8b0ea3fa11fdd12e2c90907627305d1b4481662eff45559a78aa75bc45823900a9ea1e1ae7c006b177df9e
-
SSDEEP
6144:Kty+bnr+Jp0yN90QEYGYRDrn52gmMxkARcAZNYz3C2IOO5cA0FhcnytE93PrL/iE:rMrBy90aGCDdsmZI3E5QNE93PrjiE
Static task
static1
Behavioral task
behavioral1
Sample
3ae6345b82a552c303571b0028052172b1562f2c6f0ec81a8342ce7f75cbb1f0.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
3ae6345b82a552c303571b0028052172b1562f2c6f0ec81a8342ce7f75cbb1f0
-
Size
441KB
-
MD5
29e37a90a7572b3fa8b324293ceaecfa
-
SHA1
737952af5fbf451942351dc0938f6a58e01ce1eb
-
SHA256
3ae6345b82a552c303571b0028052172b1562f2c6f0ec81a8342ce7f75cbb1f0
-
SHA512
e4b92bcd993ca30196033f89fe5c7ab59f9592e79e8b0ea3fa11fdd12e2c90907627305d1b4481662eff45559a78aa75bc45823900a9ea1e1ae7c006b177df9e
-
SSDEEP
6144:Kty+bnr+Jp0yN90QEYGYRDrn52gmMxkARcAZNYz3C2IOO5cA0FhcnytE93PrL/iE:rMrBy90aGCDdsmZI3E5QNE93PrjiE
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-