General
Target: 0ef8492fe3a731081a5867d82a70f1e74ae8f71760ab0fffe284614310295e47
Size: 433KB
Sample: 241106-yptjgayqdj
MD5: 63a5ae81cb2054b1e9793d8e6bc65600
SHA1: 771022ff3cb328578875fd6f4d3756f0c9e3d809
SHA256: 0ef8492fe3a731081a5867d82a70f1e74ae8f71760ab0fffe284614310295e47
SHA512: 9f7f5f79c0749949e326943033f93a0ccbc25a37890b12b10befe9874ecac7bb6963ef098d40a38f9f0259d36b0e6308a1d80326375e65a9170478e6e09daf4c
SSDEEP: 6144:KNy+bnr+mp0yN90QECQ0WHWC+dbx1A59C7ai4Y3HaBWAeDMLu5/z8mSTp:TMr6y90vWCWbxy59C7a3Y3PfMLmWTp
Static task: static1
Behavioral task: behavioral1
Sample: 0ef8492fe3a731081a5867d82a70f1e74ae8f71760ab0fffe284614310295e47.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
auth_value: 59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Target: 0ef8492fe3a731081a5867d82a70f1e74ae8f71760ab0fffe284614310295e47
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application