General
-
Target
2d24d0bad25511d5f074b91ec7e472fa18f18fa4b848f8eef988d5dda7b94249
-
Size
435KB
-
Sample
241111-d4lf7avqbq
-
MD5
f3382cfd60e409d07b661c99d8ca69f3
-
SHA1
07a9bc601ef3da50b02a391087c7ff1d5f289e7e
-
SHA256
2d24d0bad25511d5f074b91ec7e472fa18f18fa4b848f8eef988d5dda7b94249
-
SHA512
887063927174dca2af7f63e020905833c5915d3fb50e50f6d71ce2975a3b3e17b4fcf5d7139462e84b71b0b09473a23e4b6fb196a4fab9601c1f5c7d8910b509
-
SSDEEP
12288:GMrWy90Mz7+yhqiE4DKjtRkJQY0jX03yUv5:Yy32gqnRjtRkJX0Y3ys
Static task
static1
Behavioral task
behavioral1
Sample
2d24d0bad25511d5f074b91ec7e472fa18f18fa4b848f8eef988d5dda7b94249.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Target
2d24d0bad25511d5f074b91ec7e472fa18f18fa4b848f8eef988d5dda7b94249
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-