General
-
Target
ea80403ee4af1f2b2e7c2c041cade48c26cb323c57f1dd39e8868d23f5650150
-
Size
433KB
-
Sample
241111-e9r2lashpn
-
MD5
4431b93b2aa1e2ddac5eac50738d8add
-
SHA1
71e7a9c8feba217b87936d0114772e0074d1f237
-
SHA256
ea80403ee4af1f2b2e7c2c041cade48c26cb323c57f1dd39e8868d23f5650150
-
SHA512
91261c34cfc5afaec2df3fe6aaa145fe07aac879b95ff4628c758be9c58506277a7df5b3ffe16724f30bd1f5f99a2fb06bc15b9eb8ad2d515b99ddf0c7b39270
-
SSDEEP
12288:4Mr6y90dJtWsAkW9wHIXbnRmHJeBWkhs2:yyWvY9WIrw5kO2
Static task
static1
Behavioral task
behavioral1
Sample
ea80403ee4af1f2b2e7c2c041cade48c26cb323c57f1dd39e8868d23f5650150.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
-
-
Target
ea80403ee4af1f2b2e7c2c041cade48c26cb323c57f1dd39e8868d23f5650150
-
Size
433KB
-
MD5
4431b93b2aa1e2ddac5eac50738d8add
-
SHA1
71e7a9c8feba217b87936d0114772e0074d1f237
-
SHA256
ea80403ee4af1f2b2e7c2c041cade48c26cb323c57f1dd39e8868d23f5650150
-
SHA512
91261c34cfc5afaec2df3fe6aaa145fe07aac879b95ff4628c758be9c58506277a7df5b3ffe16724f30bd1f5f99a2fb06bc15b9eb8ad2d515b99ddf0c7b39270
-
SSDEEP
12288:4Mr6y90dJtWsAkW9wHIXbnRmHJeBWkhs2:yyWvY9WIrw5kO2
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-