General
-
Target
362b007095077605e72ecf1bd93ac3f908c0c969bd4afc2dacc71638ff96d263N
-
Size
724KB
-
Sample
241109-26gssatkfz
-
MD5
960c1b8e67e7b2e7b822ba579ae418e0
-
SHA1
22de6b9a154cc5e2d254c420435d661a89988124
-
SHA256
362b007095077605e72ecf1bd93ac3f908c0c969bd4afc2dacc71638ff96d263
-
SHA512
f0351ae9a6ca8d2c960368a34075d743a0ae03cea7cb8f83fc01946cb0e81c670bf3c03d4af0bff80e9bec7741db00616d99f6d07bbec0c673c895c75be82818
-
SSDEEP
12288:AMrZy90aAAXQxwFxxu42lRtyoUlnS/88O55IPg7irHTb3E7hglEEGdq:pyJAAgx/BlWBl888O55IZTLE7h2
Static task
static1
Behavioral task
behavioral1
Sample
362b007095077605e72ecf1bd93ac3f908c0c969bd4afc2dacc71638ff96d263N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
362b007095077605e72ecf1bd93ac3f908c0c969bd4afc2dacc71638ff96d263N
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-