General
Target
2612e7cc791acbe83ce8c4063ff90ee13297ff45672b8d38c1eea36583da49c6
Size
441KB
Sample
241107-hlgshawrgz
MD5
7891ae4db3e19ff4c77017dd6d251f29
SHA1
b74fb55fb38d10966c6fa1055e9ece795d691dec
SHA256
2612e7cc791acbe83ce8c4063ff90ee13297ff45672b8d38c1eea36583da49c6
SHA512
4c435b5b1f17e1b59629fd4e31239416342da6025a1c539a3790db0d68f38c38141acb2afc17bd67ff93374653d5e7d6afed0cb734f9ca6afa913a8ce675cec6
SSDEEP
6144:KDy+bnr+8p0yN90QEsGYRDrn52gmMxkARcAZNYz3C2IOO5cA0Fhcny3FDqXJ2MS:RMrwy90iGCDdsmZI3E5QXFDqK
Static task
static1
Behavioral task
behavioral1
Sample
2612e7cc791acbe83ce8c4063ff90ee13297ff45672b8d38c1eea36583da49c6.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Target
2612e7cc791acbe83ce8c4063ff90ee13297ff45672b8d38c1eea36583da49c6
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application