General
-
Target
a2d6311287a170ab5ab4fe810f8df69d57b165fd3fd164ed2386e28b65c518d5
-
Size
442KB
-
Sample
241111-efm6jssfmb
-
MD5
31517f0719e0dcfe41778350d92038aa
-
SHA1
33354b633ee42bee32b103fa452952beb158b2c1
-
SHA256
a2d6311287a170ab5ab4fe810f8df69d57b165fd3fd164ed2386e28b65c518d5
-
SHA512
3abc7adb17ccfaedc53b176615f3368447df6622cb8e320786c2d79c650dfa7de45b8f6681b4a9d6156ca8a4bb6cbcdb3b3ba8e86647f0c65d6de18e603484b5
-
SSDEEP
6144:KMy+bnr+ep0yN90QE/BEyWzP8Hao4s+9V6odP5B/d34Rbs94mp77Lip1MT:UMrCy90t2yQIao4r6opPiRs94NPMT
Static task
static1
Behavioral task
behavioral1
Sample
a2d6311287a170ab5ab4fe810f8df69d57b165fd3fd164ed2386e28b65c518d5.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rodik
193.233.20.23:4124
-
auth_value
59b6e22e7cfd9b5fa0c99d1942f7c85d
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-