General
-
Target
8ebfb27acb479ef41282aacc9b573ae123184ad1d17ea1e1d6c3c89d29d04a11
-
Size
433KB
-
Sample
241110-ztv4javhje
-
MD5
deb467995a4862259143abf2ad2dfe37
-
SHA1
312fc8954e96ad0ca9942f6f8c13765061f15db3
-
SHA256
8ebfb27acb479ef41282aacc9b573ae123184ad1d17ea1e1d6c3c89d29d04a11
-
SHA512
5caa3c2c7b7bb904f045025712f48ea7ffe7f5918366a06abe3b11010e32be7f1756fdffff9c3c0253fc22b83553d6e029a9e77e21116c13f77dfd76ceba6eff
-
SSDEEP
6144:K5y+bnr+Ep0yN90QESYCyep0NxrWVPXHDscBF0N7HiJvXdZwphWgDU6v6Y:PMr8y9039LNxS13DWiRNZwphWUUo
Static task
static1
Behavioral task
behavioral1
Sample
8ebfb27acb479ef41282aacc9b573ae123184ad1d17ea1e1d6c3c89d29d04a11.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
8ebfb27acb479ef41282aacc9b573ae123184ad1d17ea1e1d6c3c89d29d04a11
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-