General
-
Target
b341b1b211e6012013b567a6d10cfdb62acbb55b37d37d9d45d1e9b163e63de4
-
Size
440KB
-
Sample
241107-l64dsa1akm
-
MD5
a9b2ebf1d0119a82ca9981488f38fb42
-
SHA1
0ebc2c6962ee343aa1b4255d6bf2ae929559fa3f
-
SHA256
b341b1b211e6012013b567a6d10cfdb62acbb55b37d37d9d45d1e9b163e63de4
-
SHA512
b03c4091ce11d1a45c88f4f8d35555b2324d041b71b3cfc7623d0b115a3d522a3ddf8bafba8d2478ed80909c2a8fa9be3c2296cb9d7fa09edd4bd49d0b7d8504
-
SSDEEP
6144:Kdy+bnr+bp0yN90QEyY2GJKdWoUQo9QCMBzH7NwFYRobY2aWFhUXV+feNfN8/Juc:/MrXy90gVPFoJ6fNwvvIXVdz8/J5h1
Static task
static1
Behavioral task
behavioral1
Sample
b341b1b211e6012013b567a6d10cfdb62acbb55b37d37d9d45d1e9b163e63de4.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
b341b1b211e6012013b567a6d10cfdb62acbb55b37d37d9d45d1e9b163e63de4
-
Size
440KB
-
MD5
a9b2ebf1d0119a82ca9981488f38fb42
-
SHA1
0ebc2c6962ee343aa1b4255d6bf2ae929559fa3f
-
SHA256
b341b1b211e6012013b567a6d10cfdb62acbb55b37d37d9d45d1e9b163e63de4
-
SHA512
b03c4091ce11d1a45c88f4f8d35555b2324d041b71b3cfc7623d0b115a3d522a3ddf8bafba8d2478ed80909c2a8fa9be3c2296cb9d7fa09edd4bd49d0b7d8504
-
SSDEEP
6144:Kdy+bnr+bp0yN90QEyY2GJKdWoUQo9QCMBzH7NwFYRobY2aWFhUXV+feNfN8/Juc:/MrXy90gVPFoJ6fNwvvIXVdz8/J5h1
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-