General
-
Target
ce02df6ac9b657339ce75d4dcc3a5ed0770aa0a482908d1a5b4ed93ceda02e25
-
Size
740KB
-
Sample
241110-r5y1kaskcp
-
MD5
2b19ae40162ea0b452887bc52298d177
-
SHA1
4ecbfb1458fea36a885a54e721e354399c697e32
-
SHA256
ce02df6ac9b657339ce75d4dcc3a5ed0770aa0a482908d1a5b4ed93ceda02e25
-
SHA512
ba4f0f2d54b0be1080ec9c16a76b6303793ae5859833f942d3ef55a787db3298f5842a4aa4a124f166c1fdd3e8f32cdc94838df8f29db09d01109fb1df2bdd1d
-
SSDEEP
12288:JMruy90kUVXLimWkK2z57We+EWRYtXhdPSUwn4oRPZJmMD/6eAIB5:DyIVXXRNCsKYJvw4o1+M+eAe
Static task
static1
Behavioral task
behavioral1
Sample
ce02df6ac9b657339ce75d4dcc3a5ed0770aa0a482908d1a5b4ed93ceda02e25.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
-
auth_value
647d00dfaba082a4a30f383bca5d1a2a
Targets
-
-
Target
ce02df6ac9b657339ce75d4dcc3a5ed0770aa0a482908d1a5b4ed93ceda02e25
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-