General
Target: dbefd1c534c5fc36e80fd262da4e64e26d54f05a7d00b4a73af6e15440660f35
Size: 539KB
Sample: 241109-1dkhjasfrb
MD5: 1b667763a7c7952d68a0f5afa3d8ca4b
SHA1: 2dc28e83644a0c890fd4180ee18799977a076a83
SHA256: dbefd1c534c5fc36e80fd262da4e64e26d54f05a7d00b4a73af6e15440660f35
SHA512: f2914bc4a765b6a3c81ac1be1d3878fe8b0cfa437587e0234079a4196bc9295fdb7319663b48a96b23352683ed7b94cbf57a89615c0f9e2af9e2240a4ac7552d
SSDEEP: 12288:SMrFy90u6Fr/eP2idIPg0mQ6wa3d82pS9hYd/kt8LMA:Lyi9GuidAg0mZwa3d8kAV0R
Static task: static1
Behavioral task: behavioral1
Sample: dbefd1c534c5fc36e80fd262da4e64e26d54f05a7d00b4a73af6e15440660f35.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
fuka
193.233.20.11:4131
auth_value: 90eef520554ef188793d77ecc34217bf
Targets
Target: dbefd1c534c5fc36e80fd262da4e64e26d54f05a7d00b4a73af6e15440660f35
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application