General
-
Target
f8880a8773a3bf732e6e4fde99a69f536ef017ab60e7c77df89eba87f00018e4
-
Size
480KB
-
Sample
241108-axavbs1emk
-
MD5
ccaa709f2fef3dfdd79e6c72535966c9
-
SHA1
91f88f6774d93da15d6e64572f6e1767c0e85285
-
SHA256
f8880a8773a3bf732e6e4fde99a69f536ef017ab60e7c77df89eba87f00018e4
-
SHA512
3b91bb630399fcb8a11b3320818e21388d8c90beaff54bf782a0fd97877b8907a65173b515097b094c2641c0bdb37ad1d29a0f6c799e7bf69fd4c1d1f29d3eda
-
SSDEEP
12288:LMrfy90ogIjVS79bg6ifVO9zpfr9zo13u+d:QytpVCCIdRM1++d
Static task
static1
Behavioral task
behavioral1
Sample
f8880a8773a3bf732e6e4fde99a69f536ef017ab60e7c77df89eba87f00018e4.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fukia
193.233.20.13:4136
-
auth_value
e5783636fbd9e4f0cf9a017bce02e67e
Targets
-
-
Target
f8880a8773a3bf732e6e4fde99a69f536ef017ab60e7c77df89eba87f00018e4
-
Size
480KB
-
MD5
ccaa709f2fef3dfdd79e6c72535966c9
-
SHA1
91f88f6774d93da15d6e64572f6e1767c0e85285
-
SHA256
f8880a8773a3bf732e6e4fde99a69f536ef017ab60e7c77df89eba87f00018e4
-
SHA512
3b91bb630399fcb8a11b3320818e21388d8c90beaff54bf782a0fd97877b8907a65173b515097b094c2641c0bdb37ad1d29a0f6c799e7bf69fd4c1d1f29d3eda
-
SSDEEP
12288:LMrfy90ogIjVS79bg6ifVO9zpfr9zo13u+d:QytpVCCIdRM1++d
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-