General
-
Target
a2d8bdd8d3cde3e5f6313897d6bee6c2d1436dbcffb753a0ba8bc0663af429ca
-
Size
442KB
-
Sample
241106-sqcdpa1ray
-
MD5
3f3dae31b574aaa52722b08df8ee138f
-
SHA1
0df3b85cc5ba416d0c5d50790015c2eaa1611716
-
SHA256
a2d8bdd8d3cde3e5f6313897d6bee6c2d1436dbcffb753a0ba8bc0663af429ca
-
SHA512
b169973225f205c6301f424761ddd67c9dea756482cc5af508ed6a946475ad3a533ae21dc20b226501cb9ed3db3ddc2e81ddfc4c564b195de47783e228755cda
-
SSDEEP
12288:7Mrpy90NxQih1l5eJwD7ob0ZR0DC/oaz0oHI9j:eyEh1HeJwD7oocpa4RZ
Static task
static1
Behavioral task
behavioral1
Sample
a2d8bdd8d3cde3e5f6313897d6bee6c2d1436dbcffb753a0ba8bc0663af429ca.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-