General
Target: eb7ed1bfa849d0fd9602001d917b91eb8316b50658cc033758b29e17f7196ebd
Size: 433KB
Sample: 241107-g4j5xawnet
MD5: 75359b4e1e788fc9c00be606203cc889
SHA1: d7b8009927ec3687ba68991284dc5380adc37f31
SHA256: eb7ed1bfa849d0fd9602001d917b91eb8316b50658cc033758b29e17f7196ebd
SHA512: 671e0cfc553bfa592bda74e92fd55a82d0953df62be3407a17e2643ed16495c52f824707c23cada786415971ab06f760ff589adc0a93a3a00c532fed9cd8e881
SSDEEP: 12288:fMrty90J78bm8q4pif/DdRm19HgWMtMi:Oy7mX7Dd0XA1td
Static task: static1
Behavioral task: behavioral1
Sample: eb7ed1bfa849d0fd9602001d917b91eb8316b50658cc033758b29e17f7196ebd.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
auth_value: 59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Target: eb7ed1bfa849d0fd9602001d917b91eb8316b50658cc033758b29e17f7196ebd
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application