General
-
Target
49bd49d598a5c592d7f1ba290ea53e35ce9b6e0bf8d4386bfad4de7b22e28eac
-
Size
478KB
-
Sample
241109-zsfmfs1nbx
-
MD5
2d561c8ff41dce0f38fc7022eb0a8383
-
SHA1
4a7918ed329294ca266b3b4c13b7757cb042c8bd
-
SHA256
49bd49d598a5c592d7f1ba290ea53e35ce9b6e0bf8d4386bfad4de7b22e28eac
-
SHA512
0621ed049c8bc3e3f1215414ea05bb74e6f3ef9c04c58fa0bf281e4b4c037343fa5d2e8969168306b72cb0ee7678752f86c86d5e3b61aaef3bec6c4ff6f43b62
-
SSDEEP
6144:Kuy+bnr+Op0yN90QE+z/VPI0mfgzExAodzATxrgo1RUA3kwdg2agoxUZxCeCAejJ:CMr+y90Ez/VCIaAazzi2A3kw2wOCQ
Static task
static1
Behavioral task
behavioral1
Sample
49bd49d598a5c592d7f1ba290ea53e35ce9b6e0bf8d4386bfad4de7b22e28eac.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
Target
49bd49d598a5c592d7f1ba290ea53e35ce9b6e0bf8d4386bfad4de7b22e28eac
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-