General
-
Target
64aeec4b3abe687d09c5202a40d8cfe8d1b431506d69c27a74215dcc3fbf870e
-
Size
440KB
-
Sample
241107-l1lxjszjez
-
MD5
bdf3554e66522150f442e4e90216bb24
-
SHA1
506281b2d97b684900e6fbb9447e591884b70322
-
SHA256
64aeec4b3abe687d09c5202a40d8cfe8d1b431506d69c27a74215dcc3fbf870e
-
SHA512
a1cf8367cf4b6891c4d0ab4525a8f4bd043e30f36d1f1baa4ccedd4036ce1251f096d150a9abcd1d63d51c829976749fc92c0ec8208b24899523457fc4746553
-
SSDEEP
6144:KBy+bnr+Ip0yN90QEBE9gVIAhJteFeUMGrCKBz8bu6R33EF1njw3vyvbDMRcJshO:/MrEy90cgVReFeUM5uQ3s1nxinYWcZ
Static task
static1
Behavioral task
behavioral1
Sample
64aeec4b3abe687d09c5202a40d8cfe8d1b431506d69c27a74215dcc3fbf870e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Target
64aeec4b3abe687d09c5202a40d8cfe8d1b431506d69c27a74215dcc3fbf870e
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-