General
Target: 6729f42659e374bf740029708d33e331f398826e00eccb8e1ef984921fd0d802
Size: 435KB
Sample: 241107-g1kx2awnas
MD5: 312339effeb7070b2265ba001ecdd9a3
SHA1: 677ea57ce2d0ab23fea135220547e921f214636d
SHA256: 6729f42659e374bf740029708d33e331f398826e00eccb8e1ef984921fd0d802
SHA512: 4b6338a79a568a087927d5caaa6c03c678b7008585f593e5c7356ee9cf563219d5cb7255124c9f91cd0a93711ac8eccfe12e1cd16d669ca7ef5f4951881a6464
SSDEEP: 12288:yMrpy90hz7+yhqiE4DKjtRkJQY0AcK7pI:7y62gqnRjtRkJX0/ga
Static task: static1
Behavioral task: behavioral1
Sample: 6729f42659e374bf740029708d33e331f398826e00eccb8e1ef984921fd0d802.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
auth_value: 59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application