General
-
Target
9db72dc869198a3055ded469d8d23e27bd36b8d508d05729f6ea02e8c10fb0d4
-
Size
443KB
-
Sample
241109-mkad9asgmb
-
MD5
341a70cdbe228f28f73fe1cfdc27562b
-
SHA1
fee41fcc25e5c56fba64891edb5eb81bf509e60b
-
SHA256
9db72dc869198a3055ded469d8d23e27bd36b8d508d05729f6ea02e8c10fb0d4
-
SHA512
ea1b474bd961ba9ef6ef3cc46e82bb20b0101abe9f7fee1a8bb1c24cffe4bd98d58e6ca73d88c87c7e236b0f2a993609c05dd56a624855a30665a8a2e0ec9e62
-
SSDEEP
12288:jMrVy90bfQcBrtlTzsTJ3ktlpGsuAiOfij165b:GySJrtRzsTyl0OI8
Static task
static1
Behavioral task
behavioral1
Sample
9db72dc869198a3055ded469d8d23e27bd36b8d508d05729f6ea02e8c10fb0d4.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ramon
193.233.20.23:4123
-
auth_value
3197576965d9513f115338c233015b40
Targets
-
-
Target
9db72dc869198a3055ded469d8d23e27bd36b8d508d05729f6ea02e8c10fb0d4
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-