General
Target: 4b7b7b87366e23f9f3c8d5795f6a88a64c5616ea4b6c7400a3275c21bc5cd184
Size: 440KB
Sample: 241107-myfheszpcx
MD5: b346bf632778e9e27a2ff4fd1e5a2fc3
SHA1: b6f712c52e4d27c52d17cdccdb5a0efadb656192
SHA256: 4b7b7b87366e23f9f3c8d5795f6a88a64c5616ea4b6c7400a3275c21bc5cd184
SHA512: 9224e2c609ed6ea7b4586f5e247f57723b561d4aad8b61618ece9ceee8a970e201e44a469b4b15281e576ce5f84d1350289963d738680a7f425b14d83a7fb30b
SSDEEP: 6144:Kdy+bnr+Xp0yN90QEbY2GJKdWoUQo9QCMBzH7NwFYRobY2aWFhUXV+feNfN8/JuH:LMrTy90jVPFoJ6fNwvvIXVdz8/J5hgx
Static task: static1
Behavioral task: behavioral1
Sample: 4b7b7b87366e23f9f3c8d5795f6a88a64c5616ea4b6c7400a3275c21bc5cd184.exe
Resource: win10v2004-20241007-en
Malware Config (extracted)
Family: redline
Botnet: rodik
C2: 193.233.20.23:4124
auth_value: 59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Target: 4b7b7b87366e23f9f3c8d5795f6a88a64c5616ea4b6c7400a3275c21bc5cd184 (same sample as listed under General above; size and hashes identical)
Score: 10/10
Signatures:
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application