General
-
Target
d0127a58d02fa1f340b62297df88a730b7db1199955aea293477a1ebb8393ba4
-
Size
478KB
-
Sample
241109-t1zgmsxhkc
-
MD5
73d04fea75ce60a3bf9e9bd4701684f8
-
SHA1
0a1b6801a5bbb61c0f7c8af168f396448babe95a
-
SHA256
d0127a58d02fa1f340b62297df88a730b7db1199955aea293477a1ebb8393ba4
-
SHA512
77759b53514c47656655e2dcc9f9e6ee91da3c09b7fef8d4dcd0575f743f319c6cadd2586b6fe1339258e5393eed0eaa4d6ff19ebfd70a845f3af5448e2c50f2
-
SSDEEP
12288:yMrhy90I3Al1FvmVYg6J1b2dqS2HfmlwlaXnKDLG:zyerFeVEfb2d9MeC2KW
Static task
static1
Behavioral task
behavioral1
Sample
d0127a58d02fa1f340b62297df88a730b7db1199955aea293477a1ebb8393ba4.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
d0127a58d02fa1f340b62297df88a730b7db1199955aea293477a1ebb8393ba4
-
Size
478KB
-
MD5
73d04fea75ce60a3bf9e9bd4701684f8
-
SHA1
0a1b6801a5bbb61c0f7c8af168f396448babe95a
-
SHA256
d0127a58d02fa1f340b62297df88a730b7db1199955aea293477a1ebb8393ba4
-
SHA512
77759b53514c47656655e2dcc9f9e6ee91da3c09b7fef8d4dcd0575f743f319c6cadd2586b6fe1339258e5393eed0eaa4d6ff19ebfd70a845f3af5448e2c50f2
-
SSDEEP
12288:yMrhy90I3Al1FvmVYg6J1b2dqS2HfmlwlaXnKDLG:zyerFeVEfb2d9MeC2KW
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-