General
Target: 868f4fc35aedc27b4ddd659d67ca965edf2ce4fde47284f390a226479a51d5e5
Size: 441KB
Sample: 241111-bbe3layerp
MD5: 0dff419b0711a968984d81f7de3dd48b
SHA1: 7f4dfb4495eb1acb70bdb6c82bb92f8df3551ee5
SHA256: 868f4fc35aedc27b4ddd659d67ca965edf2ce4fde47284f390a226479a51d5e5
SHA512: b690c9c4057d34dbe5a97c65af729345456e00520b8b300e83825e8feb76cc04f2199683bb94669341118475db9d7ff2090a26bf006394e95ffe9b772d9131ea
SSDEEP: 12288:iMr8y90pfxfEASjtv3p+2wj25s5hBYQaqbr:2yexfEJojIeYQaqP
Static task: static1
Behavioral task: behavioral1
Sample: 868f4fc35aedc27b4ddd659d67ca965edf2ce4fde47284f390a226479a51d5e5.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
auth_value: 59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application