General
-
Target
3258d09b389a155351b2be7fd8df904fd8df8cacfa795a664d8c6bf1fc367c5f
-
Size
564KB
-
Sample
241109-1r4hkatbkp
-
MD5
3ae1e7f1a616f8defd87770cab45f522
-
SHA1
83fe58f557d7830ca0f749828fc26095f2172243
-
SHA256
3258d09b389a155351b2be7fd8df904fd8df8cacfa795a664d8c6bf1fc367c5f
-
SHA512
4d4b4934e9135ed67e89fd862a8de92544af0f80a587a4c9c3251673949f2dd79c6d81bc53e311f536ab3e2a1892369f2ac2ba1849e106755a2be8c70c8d7969
-
SSDEEP
12288:RMrXy90/Qnfyx0F5ZfNoqVQbHh08ZZ8Hieg06WssT:2yvc0F3ZAmEWCe/XdT
Static task
static1
Behavioral task
behavioral1
Sample
3258d09b389a155351b2be7fd8df904fd8df8cacfa795a664d8c6bf1fc367c5f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
-
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-