General
-
Target
f8f569be55ad5ae9978f241cc61258e3b4acda993a3df0e941281eea344c9c84
-
Size
772KB
-
Sample
241109-m41esataqm
-
MD5
039cb4e36fc235b50dc492c57b36f513
-
SHA1
75f6afcb7eeedd3b593f3d331edfc6d281b995d9
-
SHA256
f8f569be55ad5ae9978f241cc61258e3b4acda993a3df0e941281eea344c9c84
-
SHA512
7f573ef178a8df7b04962b99531233c44e547f59ea66b6f73f4e80985d24251b8abcf53243c8dc669d4a739b20dcf806ac2939f535d9fcaebd005fb9d06fd18a
-
SSDEEP
12288:kMrny90jVZRD1TinRFVMne5e7haaTwovxkyzpBTKpGD9lFfs9Ov0Rf5lkfR2:LyYbDNUtMnew6Yp4p29po5W2
Static task
static1
Behavioral task
behavioral1
Sample
f8f569be55ad5ae9978f241cc61258e3b4acda993a3df0e941281eea344c9c84.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
dubur
217.196.96.102:4132
-
auth_value
32d04179aa1e8d655d2d80c21f99de41
Targets
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-