General
Target: f68486fb1f457fc7ab80deb9d173da46a151b8193a553653357bfaaeff0a021b
Size: 433KB
Sample: 241106-qmy26s1brg
MD5: 4041629edea148ed1a502cfb0fda5490
SHA1: 7a54cdf4b4ef6bd3e52ab5df1960bcf746581c98
SHA256: f68486fb1f457fc7ab80deb9d173da46a151b8193a553653357bfaaeff0a021b
SHA512: 0152090950f703fc9f542055d5fcf59ea80bb4b432491728f337d36ce17461b88eb84a2f0acf10be81b396f0ebb61e877c2dc85696601e4d078806a30dd71d6e
SSDEEP: 12288:WMrUy90xNZvRpO8WaDBuax5dU4HRXdW2Zh6:SySf9tVuaRU4HTW2a
Static task: static1
Behavioral task: behavioral1
Sample: f68486fb1f457fc7ab80deb9d173da46a151b8193a553653357bfaaeff0a021b.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
auth_value: 59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application