General
-
Target
f40f684a76af2e1f3937c022ac36681075d75a4681d1642e7761dd791517e8ea
-
Size
474KB
-
Sample
241109-zh861ssbll
-
MD5
dc5d4112179775b1dd9fb52a674b9f1e
-
SHA1
f3355166660afc3eae4a46e6f22c3def60b41437
-
SHA256
f40f684a76af2e1f3937c022ac36681075d75a4681d1642e7761dd791517e8ea
-
SHA512
9c81613dbce9f8faf672361f8d8df2d7dffb50b0f67fbe6a37a974097edcabc7eb1c5f49bfca031a56413bb4bf20ac2b16554a8e1bb362cb440af6d4275c891f
-
SSDEEP
6144:Kpy+bnr+ep0yN90QEvD3T0eitgg7pytwhmEq18I6TzqKI7wfYV9kERgrpSIhidA:vMrCy90p3t6ggoeDE8ISqKbKkGopbi+
Static task
static1
Behavioral task
behavioral1
Sample
f40f684a76af2e1f3937c022ac36681075d75a4681d1642e7761dd791517e8ea.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
f40f684a76af2e1f3937c022ac36681075d75a4681d1642e7761dd791517e8ea
-
Size
474KB
-
MD5
dc5d4112179775b1dd9fb52a674b9f1e
-
SHA1
f3355166660afc3eae4a46e6f22c3def60b41437
-
SHA256
f40f684a76af2e1f3937c022ac36681075d75a4681d1642e7761dd791517e8ea
-
SHA512
9c81613dbce9f8faf672361f8d8df2d7dffb50b0f67fbe6a37a974097edcabc7eb1c5f49bfca031a56413bb4bf20ac2b16554a8e1bb362cb440af6d4275c891f
-
SSDEEP
6144:Kpy+bnr+ep0yN90QEvD3T0eitgg7pytwhmEq18I6TzqKI7wfYV9kERgrpSIhidA:vMrCy90p3t6ggoeDE8ISqKbKkGopbi+
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-