General
-
Target
d3dfcb317c9ec8646cc32987533425de2ead7624c443ce146c5ce1d02b1e2110
-
Size
478KB
-
Sample
241109-tv7wtswrfs
-
MD5
a9d073500026bfee292d3b09378e554b
-
SHA1
3f20ef570222055a9cec769b6b98dbbcf469fbb0
-
SHA256
d3dfcb317c9ec8646cc32987533425de2ead7624c443ce146c5ce1d02b1e2110
-
SHA512
add4f01595ea1b9f89138dc53f15d363cb8fb4fe385fa1f7e178f8c81976d0f0d71bfd8432b623685f4b7c95a81635853a78f900a440d0363b678dbc8c8fcf52
-
SSDEEP
12288:oMr7y90D8+1/Wm1YayXSvWcIyHXLIrwoSD:Dy4/j2RSvWcpHXUrvSD
Static task
static1
Behavioral task
behavioral1
Sample
d3dfcb317c9ec8646cc32987533425de2ead7624c443ce146c5ce1d02b1e2110.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-