General
-
Target
f43149b9dbfad4b9a1e31755b8c236b394d81368bcae51c6d2b38b31fac78c10
-
Size
739KB
-
Sample
241109-1nvq9atalp
-
MD5
b0037f04b257108eb52a51814ed77399
-
SHA1
221ab256dec4a65dc0591c0e47f0aaaa04387c93
-
SHA256
f43149b9dbfad4b9a1e31755b8c236b394d81368bcae51c6d2b38b31fac78c10
-
SHA512
908a283db8611d7d5628170e2377b77491ce967aee4eeaea7e46be208d036b75bb603bfd76ab15e323b3f4e2e1a9392a7f59ab28001bb47892d42902f8ade36d
-
SSDEEP
12288:xMrry90Lxziv7YVPg5ZJaeHRoUWWsAAK1BGFj8NwDb99nB7yevi/2CDAPuJYwk+Q:Cy4div0Vo5ZPRoVu1MaNkf7ymi+CcGJg
Static task
static1
Behavioral task
behavioral1
Sample
f43149b9dbfad4b9a1e31755b8c236b394d81368bcae51c6d2b38b31fac78c10.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
-
auth_value
647d00dfaba082a4a30f383bca5d1a2a
Targets
Target
f43149b9dbfad4b9a1e31755b8c236b394d81368bcae51c6d2b38b31fac78c10
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-