General
-
Target
c14b796c2475b8e66ca11a068b7c23422b944e52b04e3d2e3b468e654f4f574dN
-
Size
480KB
-
Sample
241109-15xl6stdka
-
MD5
a7d5193c3692beb62bf38fd4af3c2680
-
SHA1
ab1755cf44cd9fbfeaf0f99244190fb3e43d0299
-
SHA256
c14b796c2475b8e66ca11a068b7c23422b944e52b04e3d2e3b468e654f4f574d
-
SHA512
7761658a7ef09bef0c94ab8c931b7e497fa84d41c7b75af1f9fb91981ccc3bde5e46b7c11771aaa08cb5a5f7663feb98d2fc2e4b30998835698bfb860e8a0fe4
-
SSDEEP
12288:FMrRy90OwVBaR4zAaEKAnR42KRQEa9jJS/q:QyV6s3aEBna2KmEUJSy
Static task
static1
Behavioral task
behavioral1
Sample
c14b796c2475b8e66ca11a068b7c23422b944e52b04e3d2e3b468e654f4f574dN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fuka
193.233.20.11:4131
-
auth_value
90eef520554ef188793d77ecc34217bf
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-