General
-
Target
a25544f479098fcd2ae91cd4508fcb4e65d94824cc30c46ebd5c3ac2495e41ec
-
Size
433KB
-
Sample
241107-lglsfayqcv
-
MD5
16f71d6daa8dbbb1ede78faf38b3c3d1
-
SHA1
e610e588f4678d58c0e1c4bfba3739d70a458cbf
-
SHA256
a25544f479098fcd2ae91cd4508fcb4e65d94824cc30c46ebd5c3ac2495e41ec
-
SHA512
91b1540cd142f483e14b913346c6bc05871eb52bdf6141d0c67d1ce8d274571ef7d18647aad7ef4386b5c80247f4018123737e4eadd9ffa31a1093b602402317
-
SSDEEP
6144:KVy+bnr+up0yN90QEfOLizUC8SC8qPEbnrYdPirz/hYrTVjfS4lMP9c5GoHrFz8W:jMrKy90YSy8BYdPirzZiIiFFMLH4DD
Static task
static1
Behavioral task
behavioral1
Sample
a25544f479098fcd2ae91cd4508fcb4e65d94824cc30c46ebd5c3ac2495e41ec.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
a25544f479098fcd2ae91cd4508fcb4e65d94824cc30c46ebd5c3ac2495e41ec
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-