General
-
Target
e6cf8dc623d50ac657a81af5e4e11869fb36bd42cc1f1f33cfbf0f6e3285cdb8
-
Size
433KB
-
Sample
241107-nc3aqstncj
-
MD5
a48b7dacf7bba6ac0fdb26d492895234
-
SHA1
77653dbd77680024fa4cc6a2953f2a4804235619
-
SHA256
e6cf8dc623d50ac657a81af5e4e11869fb36bd42cc1f1f33cfbf0f6e3285cdb8
-
SHA512
2cdcbfbdadded089f14b70c42931acc61454456cd627ef6e5417aeebd9c15043a50bca4f884e9120c599b1ec0ef9099bf4be998d612b693ef99a130b1d2564cf
-
SSDEEP
12288:tMr9y90FdMAFRlV87qmSQBVXgqeo9X4Ev:UyjAFRlCBcEv
Static task
static1
Behavioral task
behavioral1
Sample
e6cf8dc623d50ac657a81af5e4e11869fb36bd42cc1f1f33cfbf0f6e3285cdb8.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
e6cf8dc623d50ac657a81af5e4e11869fb36bd42cc1f1f33cfbf0f6e3285cdb8
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-