General
-
Target
a15dc21ab1400f6cbea5b9e9a2529ee8bb619ef986605a171869c188b6f1d919
-
Size
441KB
-
Sample
241107-mmb1vs1ckl
-
MD5
5843b2ef32c357eaf11dd59ba0958ff7
-
SHA1
fdf2127a5a1d779c19a7e858f6b3075691a11a80
-
SHA256
a15dc21ab1400f6cbea5b9e9a2529ee8bb619ef986605a171869c188b6f1d919
-
SHA512
b91d5d56a3eed0920af34ec15491f0e6e248d87e9a25800784ef24d6b4c6a8963f41915b07c4854a9e299ce96de2da5be5d7a7334ea4ebec433ca5263ec84351
-
SSDEEP
6144:Kfy+bnr+4p0yN90QEIg4PJQbWq0EmKqAHzME/lvB9qo0tE03exCvpidWbW8Gr:9MrQy90eFq3CSQCZ+N3exoigbu
Static task
static1
Behavioral task
behavioral1
Sample
a15dc21ab1400f6cbea5b9e9a2529ee8bb619ef986605a171869c188b6f1d919.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
a15dc21ab1400f6cbea5b9e9a2529ee8bb619ef986605a171869c188b6f1d919
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-