General
-
Target
973a0541a156db21362c70f5e2c514f7b9069dc08080f84e3c7d90a47e6dbf52
-
Size
474KB
-
Sample
241109-vydb3ayflr
-
MD5
fca481a1e78d29fceb9ed4ae0ca301fc
-
SHA1
235476518220dcdd3f889759e82acc0c225092d2
-
SHA256
973a0541a156db21362c70f5e2c514f7b9069dc08080f84e3c7d90a47e6dbf52
-
SHA512
ff287193926b71cd23ddc5f135c34db2538d020f09e4200cd4ea05040250680c18feb9c33371948dbb5b1374225bf3f682d59010b595134d2f928d5b599b1b6f
-
SSDEEP
6144:KKy+bnr+6p0yN90QEvKBcM/9SpL8kEymWa5Sx9iO/9Ld5zMybehvXJ3Z42vl/w+8:mMrqy90eJspXmW2oI8dKXJ35lrUw0hT
Static task
static1
Behavioral task
behavioral1
Sample
973a0541a156db21362c70f5e2c514f7b9069dc08080f84e3c7d90a47e6dbf52.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
973a0541a156db21362c70f5e2c514f7b9069dc08080f84e3c7d90a47e6dbf52
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-