General
-
Target
060aff951d7a0b79e7dcd76b0757ff70edcda6358b1eaf7bed4c7809b4d89325
-
Size
433KB
-
Sample
241107-pz7peasekd
-
MD5
ca0d3baecc5f9781ddabd8a0d8a3a8c9
-
SHA1
bf3c0c054f622a57572ff5da11ab8e8bd8883473
-
SHA256
060aff951d7a0b79e7dcd76b0757ff70edcda6358b1eaf7bed4c7809b4d89325
-
SHA512
5ef7f696495590c3bd25bfb94932b9309f7c4db089bf8d071d3c252e6f6a053c000f05a94e2fe34d631071312cc30137343bb0e00af19e81ae0c906d46aa51ee
-
SSDEEP
6144:K8y+bnr+dp0yN90QEwZvzD13qCSQdokvJ1R8jiMexn8kz0nXvAZz0ljVczqxYpXm:8MrZy90G5zBvPudeFy/AZ1CYpXN0hd
Static task
static1
Behavioral task
behavioral1
Sample
060aff951d7a0b79e7dcd76b0757ff70edcda6358b1eaf7bed4c7809b4d89325.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
060aff951d7a0b79e7dcd76b0757ff70edcda6358b1eaf7bed4c7809b4d89325
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-