General
-
Target
b76b1fc2db24e560b588016cacb56660fe63ff43d8a1dddde0acf711aa68f0dc
-
Size
433KB
-
Sample
241107-nxeeeasakq
-
MD5
6cf1ce96ae596631afd0660fa77274be
-
SHA1
64c3d0aa9613b35c9bed1eb3bf897007108a3dbb
-
SHA256
b76b1fc2db24e560b588016cacb56660fe63ff43d8a1dddde0acf711aa68f0dc
-
SHA512
25032df9f030dd56118f4ea75d789f469654692864279c4957cd8ab9d3ec9468769924836c5d15e093a37e526a0e80ac1925e6ee11fcfb4930bf3d3db651527d
-
SSDEEP
12288:BMrxy90RdMAFRlV87qmSQBVXgqeo9X46OMIE/G9:My7AFRlCBc63t8
Static task
static1
Behavioral task
behavioral1
Sample
b76b1fc2db24e560b588016cacb56660fe63ff43d8a1dddde0acf711aa68f0dc.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-