General
-
Target
9503d5d34d96240435ef67e14095440c162c6e453a0d6d91ffb73a0eb07dc9d7
-
Size
433KB
-
Sample
241107-kvrp6szbqr
-
MD5
a965539823ec8f1dff6642666ca248f8
-
SHA1
2c24a3da2387ca968086e7e305f7234530caf660
-
SHA256
9503d5d34d96240435ef67e14095440c162c6e453a0d6d91ffb73a0eb07dc9d7
-
SHA512
fc5d812f1614a72c396d0b8cbba0b52bcc049e040555105f01a08a53fa2c66d67b3c735c9fde774840f6c57079f52dcfc6f261780d56240ba5dfeadf085f897b
-
SSDEEP
12288:dMrAy90bWCWbxy59C7a3Y3PfMLFROcwT:1ysWCWbsrC7a3YffM5RNi
Static task
static1
Behavioral task
behavioral1
Sample
9503d5d34d96240435ef67e14095440c162c6e453a0d6d91ffb73a0eb07dc9d7.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Target
9503d5d34d96240435ef67e14095440c162c6e453a0d6d91ffb73a0eb07dc9d7
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-