General
-
Target
cb5b5176f57bcba0c328d4b4b8d349717060fd95cd74f51623df9b3c4ec561cf
-
Size
469KB
-
Sample
241109-jn9fza1arq
-
MD5
96689513b4db0b20f83ee9fa877ef56c
-
SHA1
b2ee4aaa9a184e27171e6316d98e4b0ed8a6c538
-
SHA256
cb5b5176f57bcba0c328d4b4b8d349717060fd95cd74f51623df9b3c4ec561cf
-
SHA512
aa5c9d15432b58f049c232aab93b85aaa7c5c281d799ddcc8a51c6cc2e9327ab024e718bf36421fadf09fe31836608499077f3979fff729b0e666d06c9dd1899
-
SSDEEP
6144:KPy+bnr+kp0yN90QEHDnHpDs6Ai9fu2Av8ihwwJq8HXvRfxWs/TNvsezWoZAjdu:5Mroy90BnRs67fUI3cXvR7NvKpu
Static task
static1
Behavioral task
behavioral1
Sample
cb5b5176f57bcba0c328d4b4b8d349717060fd95cd74f51623df9b3c4ec561cf.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fukia
193.233.20.13:4136
-
auth_value
e5783636fbd9e4f0cf9a017bce02e67e
Targets
-
-
Target
cb5b5176f57bcba0c328d4b4b8d349717060fd95cd74f51623df9b3c4ec561cf
-
Size
469KB
-
MD5
96689513b4db0b20f83ee9fa877ef56c
-
SHA1
b2ee4aaa9a184e27171e6316d98e4b0ed8a6c538
-
SHA256
cb5b5176f57bcba0c328d4b4b8d349717060fd95cd74f51623df9b3c4ec561cf
-
SHA512
aa5c9d15432b58f049c232aab93b85aaa7c5c281d799ddcc8a51c6cc2e9327ab024e718bf36421fadf09fe31836608499077f3979fff729b0e666d06c9dd1899
-
SSDEEP
6144:KPy+bnr+kp0yN90QEHDnHpDs6Ai9fu2Av8ihwwJq8HXvRfxWs/TNvsezWoZAjdu:5Mroy90BnRs67fUI3cXvR7NvKpu
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-