General
-
Target
9d914eb0057c810e712fdb2b1f0d4c7e7588e3f91ec2ba4467525171f2ba86bc
-
Size
442KB
-
Sample
241110-ymbkwaxjgj
-
MD5
39d245351a21fd8953fa2d0b786901ee
-
SHA1
3a3eaff757ec53a3b483ee78d7784bf149540407
-
SHA256
9d914eb0057c810e712fdb2b1f0d4c7e7588e3f91ec2ba4467525171f2ba86bc
-
SHA512
7bd73d6677d5e2ddf31b1dd95bc33fd3c00b321fcee02ba41fc9ed56f5b2fad58badc38ed0cc8315586cefaafd1bcaecc5981b5fa38da45db3ad08984503ef69
-
SSDEEP
12288:SMrly90dxQih1l5eJwD7ob0ZR0DC/oaz0oHIN8:fyQh1HeJwD7oocpa4RS
Static task
static1
Behavioral task
behavioral1
Sample
9d914eb0057c810e712fdb2b1f0d4c7e7588e3f91ec2ba4467525171f2ba86bc.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
9d914eb0057c810e712fdb2b1f0d4c7e7588e3f91ec2ba4467525171f2ba86bc
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-