General
-
Target
e4edf6e392020beee8bc556c4e41d7d1e1d981e10b23b3681b9126e79d253b7d
-
Size
440KB
-
Sample
241107-ncawgs1eke
-
MD5
df18e6f92f94d78f17d18f10bb0a0a2a
-
SHA1
82e031961199c93c24bdda92e929e77d6d2e5fd1
-
SHA256
e4edf6e392020beee8bc556c4e41d7d1e1d981e10b23b3681b9126e79d253b7d
-
SHA512
54cf37c277c5209239b2a60336c81c27ae2781c5478b5db0e40b2e65d8319b73f952518463ce98e6f213dc4bcd15e3e7ade71ac8ef28b4e7914138f28131f5af
-
SSDEEP
12288:DMryy90ixcr2wrrAOebAYs1zF6KqOP6goaGqNqH2/l4R:dy9crZrrAxsT6KqP6n/i
Static task
static1
Behavioral task
behavioral1
Sample
e4edf6e392020beee8bc556c4e41d7d1e1d981e10b23b3681b9126e79d253b7d.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
e4edf6e392020beee8bc556c4e41d7d1e1d981e10b23b3681b9126e79d253b7d
-
Size
440KB
-
MD5
df18e6f92f94d78f17d18f10bb0a0a2a
-
SHA1
82e031961199c93c24bdda92e929e77d6d2e5fd1
-
SHA256
e4edf6e392020beee8bc556c4e41d7d1e1d981e10b23b3681b9126e79d253b7d
-
SHA512
54cf37c277c5209239b2a60336c81c27ae2781c5478b5db0e40b2e65d8319b73f952518463ce98e6f213dc4bcd15e3e7ade71ac8ef28b4e7914138f28131f5af
-
SSDEEP
12288:DMryy90ixcr2wrrAOebAYs1zF6KqOP6goaGqNqH2/l4R:dy9crZrrAxsT6KqP6n/i
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-