General
-
Target
de1d33675a6408b562c3464db13576b96ae2095ce00d5e5508c3dd3ead771dab
-
Size
472KB
-
Sample
241109-1962eatejr
-
MD5
4520a1a0cdc07c2528a1ee753cd04887
-
SHA1
8309bc57ab12abb70308ea495d6c8992bce91d64
-
SHA256
de1d33675a6408b562c3464db13576b96ae2095ce00d5e5508c3dd3ead771dab
-
SHA512
d0180e3cf84f7d4e6c4f97d31fa89c8262dea4b38c6c01ea1e83deeeec592ebf316d07aea3e35ef02210eea3aaa44e09c05e1c95989831fc96555baee7d9fd1f
-
SSDEEP
12288:hMrfy90AQapyPxVM9Q5D1UahrBobCvEmqADd1Z:ayRRp4VOQ5hUurBFP
Static task
static1
Behavioral task
behavioral1
Sample
de1d33675a6408b562c3464db13576b96ae2095ce00d5e5508c3dd3ead771dab.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
de1d33675a6408b562c3464db13576b96ae2095ce00d5e5508c3dd3ead771dab
-
Size
472KB
-
MD5
4520a1a0cdc07c2528a1ee753cd04887
-
SHA1
8309bc57ab12abb70308ea495d6c8992bce91d64
-
SHA256
de1d33675a6408b562c3464db13576b96ae2095ce00d5e5508c3dd3ead771dab
-
SHA512
d0180e3cf84f7d4e6c4f97d31fa89c8262dea4b38c6c01ea1e83deeeec592ebf316d07aea3e35ef02210eea3aaa44e09c05e1c95989831fc96555baee7d9fd1f
-
SSDEEP
12288:hMrfy90AQapyPxVM9Q5D1UahrBobCvEmqADd1Z:ayRRp4VOQ5hUurBFP
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-