General
-
Target
08d5eb732883b4abd0bcbeacd875c0d58a4086ed95f307b435e8f3d910bfed41
-
Size
440KB
-
Sample
241106-r5bv2asfmr
-
MD5
f12664a2a5e0158917243df3463a5dfb
-
SHA1
bd0b20c0be993aebe83db8cd455107d7c6bbe941
-
SHA256
08d5eb732883b4abd0bcbeacd875c0d58a4086ed95f307b435e8f3d910bfed41
-
SHA512
ce4b60f8cac7c4a6c3b83c0845c5a09b59a9e00491244a05e91228afaccc6a0705601599e992a6589efac35483be9219e20281b85350d20f580bad5739adf14a
-
SSDEEP
6144:KQy+bnr+dp0yN90QEnwyfkS8XvrLCeoXfjiM0PVd+jkt5y+52VXjHGGZ4GORecAV:4Mrpy90mCztPjiOktZ0VXjHTZ41cftH
Static task
static1
Behavioral task
behavioral1
Sample
08d5eb732883b4abd0bcbeacd875c0d58a4086ed95f307b435e8f3d910bfed41.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
08d5eb732883b4abd0bcbeacd875c0d58a4086ed95f307b435e8f3d910bfed41
-
Size
440KB
-
MD5
f12664a2a5e0158917243df3463a5dfb
-
SHA1
bd0b20c0be993aebe83db8cd455107d7c6bbe941
-
SHA256
08d5eb732883b4abd0bcbeacd875c0d58a4086ed95f307b435e8f3d910bfed41
-
SHA512
ce4b60f8cac7c4a6c3b83c0845c5a09b59a9e00491244a05e91228afaccc6a0705601599e992a6589efac35483be9219e20281b85350d20f580bad5739adf14a
-
SSDEEP
6144:KQy+bnr+dp0yN90QEnwyfkS8XvrLCeoXfjiM0PVd+jkt5y+52VXjHGGZ4GORecAV:4Mrpy90mCztPjiOktZ0VXjHTZ41cftH
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-