General
-
Target
cf3191d7873d1d0d1a518b3e7866d55013dba11e6e38b9a563a370399140871d
-
Size
728KB
-
Sample
241109-zm117svlfp
-
MD5
fc9f5c91984abc9efbf747e829db8a36
-
SHA1
fede59a7325b806831d46645577ab0b2c7cb7b0c
-
SHA256
cf3191d7873d1d0d1a518b3e7866d55013dba11e6e38b9a563a370399140871d
-
SHA512
8b5eacc6fee0605824cda345594fd338c824e6fd24e11aae6c9ae65e477118721ff611e2c1e44a3daec6be41f9807aa0c7dd890b3e7de0769880e99c13a92e87
-
SSDEEP
12288:FMroy90YXXtT95zZmML4vgJtvY4MO9mbw88yAqIPo2QHJLccKnfS546X9530fWP2:dy/Xtnz4MLpJtvY6Ibw88yAqIpkJLM6k
Static task
static1
Behavioral task
behavioral1
Sample
cf3191d7873d1d0d1a518b3e7866d55013dba11e6e38b9a563a370399140871d.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
cf3191d7873d1d0d1a518b3e7866d55013dba11e6e38b9a563a370399140871d
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-