General
-
Target
c2859dbd43ab403b1a1d3f542e1c2bc90a0f68825991bb69e8e163bce2cf8a2c
-
Size
795KB
-
Sample
241109-wqgvysskgm
-
MD5
1d085a6d069495074b4f5a3e0bef98e3
-
SHA1
acfe5565e52859de7d3daf15c24705e985d223d6
-
SHA256
c2859dbd43ab403b1a1d3f542e1c2bc90a0f68825991bb69e8e163bce2cf8a2c
-
SHA512
ba8056e1587e4fa77f92d74039b99f28f306f6ec8efe1b04d2896a247976f961ea07d8e3f941ebf46848d8d61d2cd647175d93ef3643031695211919df82060e
-
SSDEEP
24576:RyQyXL7nWoTr88ztHI3QKvlWvuv+4b76N:EQyPnWoTr88zxKbN
Static task
static1
Behavioral task
behavioral1
Sample
c2859dbd43ab403b1a1d3f542e1c2bc90a0f68825991bb69e8e163bce2cf8a2c.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-