General
-
Target
0bf61c54c2ec4f608da49f2b2f831d01377a5350cfab03e007d1ad4addadd012
-
Size
632KB
-
Sample
241109-z2agssvpbl
-
MD5
7819b54eab4d63fd1fd46827166c00f8
-
SHA1
1ab7cb6b00a691280e007ebddd45997c862d1757
-
SHA256
0bf61c54c2ec4f608da49f2b2f831d01377a5350cfab03e007d1ad4addadd012
-
SHA512
9e1ddb9545e03f8d3231cf46e3e6bbc4b1ef7e7d493cb71c8fc6ecaf63774c2b59aeb4be1962b501d35a036b986c4c35f5f0f23f421bfab58420e8f6e29876f8
-
SSDEEP
12288:0MrBy90Ws4g6RJXCSO1rTIcjXZcupTd5ppfnYVl:9yQX67CSOVIcjKu35Lfne
Static task
static1
Behavioral task
behavioral1
Sample
0bf61c54c2ec4f608da49f2b2f831d01377a5350cfab03e007d1ad4addadd012.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
zaur
62.204.41.170:4172
-
auth_value
8f24dad16e6d64e3d692e48d05640734
Targets
-
-
Target
0bf61c54c2ec4f608da49f2b2f831d01377a5350cfab03e007d1ad4addadd012
-
Size
632KB
-
MD5
7819b54eab4d63fd1fd46827166c00f8
-
SHA1
1ab7cb6b00a691280e007ebddd45997c862d1757
-
SHA256
0bf61c54c2ec4f608da49f2b2f831d01377a5350cfab03e007d1ad4addadd012
-
SHA512
9e1ddb9545e03f8d3231cf46e3e6bbc4b1ef7e7d493cb71c8fc6ecaf63774c2b59aeb4be1962b501d35a036b986c4c35f5f0f23f421bfab58420e8f6e29876f8
-
SSDEEP
12288:0MrBy90Ws4g6RJXCSO1rTIcjXZcupTd5ppfnYVl:9yQX67CSOVIcjKu35Lfne
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-