General
-
Target
34d9db61454a48fee1a350de1b58acdefb49fad470d225bb8dfd58fc1707ad10
-
Size
494KB
-
Sample
241109-ywad6s1epa
-
MD5
a98f54e4de985978ebdbe4169a5b9b3b
-
SHA1
b54b9784a9de57238918fe0b377d57c665d11731
-
SHA256
34d9db61454a48fee1a350de1b58acdefb49fad470d225bb8dfd58fc1707ad10
-
SHA512
f17fde4453d045a5f3ec1dac23df97ccc92a600ea442c9b3b0ef772e891b574615184ff21506e6ff4e37f93166da81b2f772427dff7cc61e9ddc1f4bf5e417d0
-
SSDEEP
12288:wMrry907XDkEABRJLDWB5Z1eXhUTjM3xkE+S9JbMb7:LyWAEsvoZ1tT4ySTbMX
Static task
static1
Behavioral task
behavioral1
Sample
34d9db61454a48fee1a350de1b58acdefb49fad470d225bb8dfd58fc1707ad10.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
34d9db61454a48fee1a350de1b58acdefb49fad470d225bb8dfd58fc1707ad10
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-