General
Target: 8d401cd9e1cfdec82daf8016e56e125b4d9103d37af45ef3042172bfb0d9e68e
Size: 564KB
Sample: 241111-gmk1watgrr
MD5: 0266c4a19e5c3a993fb0e570b5de2291
SHA1: 56f5276a2495074541ca9f9f667254b4d1a17657
SHA256: 8d401cd9e1cfdec82daf8016e56e125b4d9103d37af45ef3042172bfb0d9e68e
SHA512: 5d25a84b8d8b7886d76e876fe99e57ab45671d03e1962a01c550e0b4d5e2e4f4ae0bdc41e0601116a76760a792e2a1a6e682b079019512386bdf56a22557b2cb
SSDEEP: 12288:aMriy90gcPlbHYHl///vOZOrkPdS4ycV7lHa4BBS4N6u:UyOtb4F//eZP0JeJaCBS4Qu
Static task: static1
Behavioral task: behavioral1
Sample: 8d401cd9e1cfdec82daf8016e56e125b4d9103d37af45ef3042172bfb0d9e68e.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
auth_value: f88f86755a528d4b25f6f3628c460965
Targets
Target: 8d401cd9e1cfdec82daf8016e56e125b4d9103d37af45ef3042172bfb0d9e68e
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application