General
-
Target
8feb782a3afa23ea9ea09f7fd1beca77c5ed59188095079d0d1e86349e988776
-
Size
477KB
-
Sample
241109-xydzpszhkp
-
MD5
6b7d61175d9b8259f5756bdf6ef71513
-
SHA1
711fbffda11005ff83406f9089806ac635af0e9c
-
SHA256
8feb782a3afa23ea9ea09f7fd1beca77c5ed59188095079d0d1e86349e988776
-
SHA512
04311a973caf5123a5789a8a663d760f7403a9d82adc639e7f5c053bed8175ead9b3f39932dc4215823ecd68ba1f993a06c56b68054a821bff050a3b6c78c919
-
SSDEEP
12288:MMrWy90l3GeUVUcO8RDKsrdU1SoZIFfW/Bb:CyI2zV9RWN16+
Static task
static1
Behavioral task
behavioral1
Sample
8feb782a3afa23ea9ea09f7fd1beca77c5ed59188095079d0d1e86349e988776.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
8feb782a3afa23ea9ea09f7fd1beca77c5ed59188095079d0d1e86349e988776
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-