General
-
Target
0198a626f4977b56d9c771e8404fbfd51518609fa4bb6743492e82de51d23cf3
-
Size
441KB
-
Sample
241109-1ktpsawjel
-
MD5
813887abd461894bae362c19ab1987ef
-
SHA1
753c175852c9db1fa34e231fd69cd46a3c831125
-
SHA256
0198a626f4977b56d9c771e8404fbfd51518609fa4bb6743492e82de51d23cf3
-
SHA512
eb67df40354a6a391d00cd9550893d552cfd7459090c23d5520a7feb88237c98b24e9ea16369922c7e6f81dcd76ba6b32453a6d015b4bad62bb6d410c59fb5c3
-
SSDEEP
12288:YMrIy90HJlj7LYxjzLvzGsl/F1HazKFW7:QykjLY5zLvCYTH0KF6
Static task
static1
Behavioral task
behavioral1
Sample
0198a626f4977b56d9c771e8404fbfd51518609fa4bb6743492e82de51d23cf3.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ramon
193.233.20.23:4123
-
auth_value
3197576965d9513f115338c233015b40
Targets
Target
0198a626f4977b56d9c771e8404fbfd51518609fa4bb6743492e82de51d23cf3
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-