General
-
Target
d8db69c6013f2f96b70cd685c3adc974b4ad02848deef0ada0fa6f239f077c6b
-
Size
433KB
-
Sample
241106-p9qhwazlbs
-
MD5
9a3da390ffb0558b0fe48b02eb861a8f
-
SHA1
d9b2fe78efab0a9d383530f89975da7f3f20ff00
-
SHA256
d8db69c6013f2f96b70cd685c3adc974b4ad02848deef0ada0fa6f239f077c6b
-
SHA512
96af7bf14ef21b7d10e5fd7abbfc4b2dfe6de97465f0f03b97d61c46bd48d34d3b4e7c54108a28dd7e4cff671cfd52df28fbf5c25987e9341a884d837acce497
-
SSDEEP
6144:KQy+bnr+yp0yN90QEVQ0WHWC+dbx1A59C7ai4Y3HaBWAeDMLu5/z8mSCQ:cMrWy90oWCWbxy59C7a3Y3PfMLmWCQ
Static task
static1
Behavioral task
behavioral1
Sample
d8db69c6013f2f96b70cd685c3adc974b4ad02848deef0ada0fa6f239f077c6b.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
d8db69c6013f2f96b70cd685c3adc974b4ad02848deef0ada0fa6f239f077c6b
-
Size
433KB
-
MD5
9a3da390ffb0558b0fe48b02eb861a8f
-
SHA1
d9b2fe78efab0a9d383530f89975da7f3f20ff00
-
SHA256
d8db69c6013f2f96b70cd685c3adc974b4ad02848deef0ada0fa6f239f077c6b
-
SHA512
96af7bf14ef21b7d10e5fd7abbfc4b2dfe6de97465f0f03b97d61c46bd48d34d3b4e7c54108a28dd7e4cff671cfd52df28fbf5c25987e9341a884d837acce497
-
SSDEEP
6144:KQy+bnr+yp0yN90QEVQ0WHWC+dbx1A59C7ai4Y3HaBWAeDMLu5/z8mSCQ:cMrWy90oWCWbxy59C7a3Y3PfMLmWCQ
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-