General
-
Target
e540910594704ba021f3a6e50bc73891c79f2b13d6d6169743a0799a0b8ffda0
-
Size
433KB
-
Sample
241110-y5q4aavcmd
-
MD5
dd9bbe1476eba8a8e353dcebbaea2724
-
SHA1
d6814c32ef9586800eb524a28bfcc6866815d155
-
SHA256
e540910594704ba021f3a6e50bc73891c79f2b13d6d6169743a0799a0b8ffda0
-
SHA512
08aaf32ef7f12c3548d17d6de2c5bd5241c6c72103aeeb84c9bc3fcccd65461d41978efbb7d5da3f5d4b6444e844b69310d2e3894dff87f2f11493233f7d541e
-
SSDEEP
6144:K/y+bnr+dp0yN90QE7ZvzD13qCSQdokvJ1R8jiMexn8kz0nXvAZz0ljVczqxYMX7:JMrJy90/5zBvPudeFy/AZ1CYMXyCRJ
Static task
static1
Behavioral task
behavioral1
Sample
e540910594704ba021f3a6e50bc73891c79f2b13d6d6169743a0799a0b8ffda0.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
e540910594704ba021f3a6e50bc73891c79f2b13d6d6169743a0799a0b8ffda0
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-