General
-
Target
c9c134e8e57f5a4d182dc64c556b5979339d835fe83f559402ff8776e40787ccN
-
Size
632KB
-
Sample
241109-3ayxvsxkfq
-
MD5
59808eea26c693f5747949af649bb740
-
SHA1
3f6cacbc31632eb4fad266fef6cb8870b9057736
-
SHA256
c9c134e8e57f5a4d182dc64c556b5979339d835fe83f559402ff8776e40787cc
-
SHA512
cfcc685ecc6172b91f72035dcfcdcadfae33b998172ff7036f9112fac19e80999b2755edf6ca34e94062e2817821646d2cde78981f30b82359a73f0e2ca5b8df
-
SSDEEP
12288:mMrgy905pk9yJrou4Jhhw617qBSO1rTkoj0WcuLgGlB6:6y2k9yCFJ+BSOVkojguLgGG
Static task
static1
Behavioral task
behavioral1
Sample
c9c134e8e57f5a4d182dc64c556b5979339d835fe83f559402ff8776e40787ccN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
zaur
62.204.41.170:4172
-
auth_value
8f24dad16e6d64e3d692e48d05640734
Targets
-
Target
c9c134e8e57f5a4d182dc64c556b5979339d835fe83f559402ff8776e40787ccN
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-