General
-
Target
8081a741e0ebfae0838856e02345cf8d7c6bdcf00dc13a5398e61efc7e6e071a
-
Size
550KB
-
Sample
241109-xn4sdazfjh
-
MD5
8e45c0846f8a9eaf91f4684c73f4bf33
-
SHA1
44735637d90bd7a3695958861f56679861d4428f
-
SHA256
8081a741e0ebfae0838856e02345cf8d7c6bdcf00dc13a5398e61efc7e6e071a
-
SHA512
7b52b4fe84e7158c7d2b762b33e75c1794e8e865a3ddd2aa57b9e9bee8db0af17bd7db3aca7842df65b5d0b461c4e8790d8b3b7565de60412d458575fce709ad
-
SSDEEP
12288:PMrky90/LzzIa78nP+cYIqG0fW9RLgWA08Cl90dP2pWX+0lCy9oyX:fy0LzGP+R29oZWKd2YX3N9J
Static task
static1
Behavioral task
behavioral1
Sample
8081a741e0ebfae0838856e02345cf8d7c6bdcf00dc13a5398e61efc7e6e071a.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
8081a741e0ebfae0838856e02345cf8d7c6bdcf00dc13a5398e61efc7e6e071a
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-