General
- Target: 0673225e7432a21b49ea6e69925c92acf9c172006384dd3b2060801d0d9fe233
- Size: 440KB
- Sample: 241106-y9kgaswnh1
- MD5: 4f2016ea1459c9e80cad59639380d41c
- SHA1: 8e9a46669061f34737d254fdcc35dc6e14b7188e
- SHA256: 0673225e7432a21b49ea6e69925c92acf9c172006384dd3b2060801d0d9fe233
- SHA512: 06da60dbfec95aef0bdbf074274b07178886a08af7a567daa4337a53824c28012c08769cebad60c7ff1469143d9870cc2f200009c440cfb80dee6983e1fb5797
- SSDEEP: 6144:KYy+bnr+Wp0yN90QEAU4NCXbAkz/0su1digqs4ujd8ifiFVDsT2couGzJWXo2a8R:QMrWy90GJNCUA/bU7wJiKNcIWvvR
Static task: static1
Behavioral task: behavioral1
- Sample: 0673225e7432a21b49ea6e69925c92acf9c172006384dd3b2060801d0d9fe233.exe
- Resource: win10v2004-20241007-en
Malware Config
Extracted: redline
- rodik
- 193.233.20.23:4124
- auth_value: 59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
- Target: 0673225e7432a21b49ea6e69925c92acf9c172006384dd3b2060801d0d9fe233 (size and hashes identical to the General section above)
- Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application