General
-
Target
5afbadc05934f3ce37ba2a8e0f17cd9bf431430e3f3e502d30170dc2db1e5a64
-
Size
688KB
-
Sample
241109-3qc1bsvcnj
-
MD5
e9299359cae8cc0e1a1a5219d240cf88
-
SHA1
fbfd5495ff04017b0993b8f3e7d48dbb06a9dc5d
-
SHA256
5afbadc05934f3ce37ba2a8e0f17cd9bf431430e3f3e502d30170dc2db1e5a64
-
SHA512
a4c4c2ea66a8d5ed0114c59d2773e09eb86b3a8e2beafeb9e38f46e9124c6a4ad5e5ea6f919435717cd96f3b00040c7850f740f9eb1234be865622ee72471b64
-
SSDEEP
12288:qazLbKL4NqoxAfC7b+p88RKcuIrWRovMCAEuuF6XYH5s:q+LqoxZHTuKNMEC8p65s
Static task
static1
Behavioral task
behavioral1
Sample
f0fb5e4f2519743894d24989e741f3d720831465de18c8620e638a9c82fe1130.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
-
auth_value
647d00dfaba082a4a30f383bca5d1a2a
Targets
-
Target
f0fb5e4f2519743894d24989e741f3d720831465de18c8620e638a9c82fe1130.exe
-
Size
739KB
-
MD5
067cc0612830accc4eca2b65d5be8f9f
-
SHA1
90bbde0f75eb572b196e5959e6aed0f07e4a4ad0
-
SHA256
f0fb5e4f2519743894d24989e741f3d720831465de18c8620e638a9c82fe1130
-
SHA512
64a90c784321ee343fae04615ce6b3f4e9c15a3b95547eba24ca6e34a30df4a76c3a37e006cc8f3e374055b101b35aea4a9f819ce6547a37d7a606c7ce25755f
-
SSDEEP
12288:XMr9y90Nvg6eKwXdc/1NvlKv/inI1fVxlRwR8TMlXoyXjYwQbcGAEIBYTT3LEox7:qywg6Bwq/1NvlK/h9HrOXoyXXw1IBYfv
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application