General
-
Target
f07e5d4da81ce1b9dd868e62315e4e817f19318e9a8820be2f081ccd2956a0b1
-
Size
433KB
-
Sample
241107-nsyx9a1gmb
-
MD5
59aec5b0f8ae9f8c5b54239948955f9d
-
SHA1
bc6954c0cb85c3da7dda5fa68f2281ea823ea8b6
-
SHA256
f07e5d4da81ce1b9dd868e62315e4e817f19318e9a8820be2f081ccd2956a0b1
-
SHA512
2e395b421c91e5211e6186b7750172c5e1dc123b5b26e0cad436c2086517a9a383e95f04d6b8df2d00fadd2e782cbc30c54edf563f4a6a785fc89c7c86f9770c
-
SSDEEP
6144:Kly+bnr+mp0yN90QERYCyep0NxrWVPXHDscBF0N7HiJvXdZwphWgDU6vNE:XMrqy90M9LNxS13DWiRNZwphWUUD
Static task
static1
Behavioral task
behavioral1
Sample
f07e5d4da81ce1b9dd868e62315e4e817f19318e9a8820be2f081ccd2956a0b1.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
f07e5d4da81ce1b9dd868e62315e4e817f19318e9a8820be2f081ccd2956a0b1
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-