General
-
Target
e747d740ea36dc68988d6662fc9161d97efb98ac8af648400d764c68dda9a4d9
-
Size
433KB
-
Sample
241107-mwgbya1dkn
-
MD5
166e8f4ba1c46760aeb0cfa9dab3c7a3
-
SHA1
18d09b30f8990f5a619e9af137213e91e52e8301
-
SHA256
e747d740ea36dc68988d6662fc9161d97efb98ac8af648400d764c68dda9a4d9
-
SHA512
acbb3383592bfbdd8177965029f47caf810f807ba9a778097fefc6de26f10a41381ea7dabb63647949750c997bcdf95cec71f3370090a93cac6f812adcc5a0dd
-
SSDEEP
12288:oMrhy90S78bm8q4pif/DdRm19HgWMtMeJ:5yqmX7Dd0XA1t7J
Static task
static1
Behavioral task
behavioral1
Sample
e747d740ea36dc68988d6662fc9161d97efb98ac8af648400d764c68dda9a4d9.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
e747d740ea36dc68988d6662fc9161d97efb98ac8af648400d764c68dda9a4d9
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-