General
-
Target
fd922b46cc103fd4fe097a7cf65950f79e8fcbb4e04dfc7222f95822730da2e4
-
Size
433KB
-
Sample
241110-yxjz1avbjc
-
MD5
9143d5af8e8e2af96b3fd323585fdb71
-
SHA1
54f7eaf29d1300250e9a8cab81a9ba7bcf12a9c4
-
SHA256
fd922b46cc103fd4fe097a7cf65950f79e8fcbb4e04dfc7222f95822730da2e4
-
SHA512
8a7b067e30d6dd21a289b22bb024d27f1f21c7e320ada582a35f199a0b8daa841067ff90540307cc5f720ced482841d2a861168f5407f571b6f73f1e19fc64c7
-
SSDEEP
6144:Kby+bnr+1p0yN90QEub0ZkVFIhHvxg6SdVljJbjT+KMAEBovy6GWOIU6L+S:9MrRy90A4iSvxgb3l9VXE+vbGfh66S
Static task
static1
Behavioral task
behavioral1
Sample
fd922b46cc103fd4fe097a7cf65950f79e8fcbb4e04dfc7222f95822730da2e4.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
fd922b46cc103fd4fe097a7cf65950f79e8fcbb4e04dfc7222f95822730da2e4
-
Size
433KB
-
MD5
9143d5af8e8e2af96b3fd323585fdb71
-
SHA1
54f7eaf29d1300250e9a8cab81a9ba7bcf12a9c4
-
SHA256
fd922b46cc103fd4fe097a7cf65950f79e8fcbb4e04dfc7222f95822730da2e4
-
SHA512
8a7b067e30d6dd21a289b22bb024d27f1f21c7e320ada582a35f199a0b8daa841067ff90540307cc5f720ced482841d2a861168f5407f571b6f73f1e19fc64c7
-
SSDEEP
6144:Kby+bnr+1p0yN90QEub0ZkVFIhHvxg6SdVljJbjT+KMAEBovy6GWOIU6L+S:9MrRy90A4iSvxgb3l9VXE+vbGfh66S
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-