General
Target: bfee75d6cfc4d9e392ae1b3ea219b11c9c6e15f544fb3e3c004b5fd9fa01ec21
Size: 478KB
Sample: 241110-a19stswbqa
MD5: 7aa8445b749acbfc40624378f1b9ee24
SHA1: b0fb61a38717c4b5fb085fa85dc6c86f03d29c64
SHA256: bfee75d6cfc4d9e392ae1b3ea219b11c9c6e15f544fb3e3c004b5fd9fa01ec21
SHA512: 8cb230a8b7a8ddcc669dfbd5675d15c6359da9c6887afaf71002ba26acd3c7fe63ee7c59a39f02a796387518a3e6d8655519ff801e262368f2969ef9d03d38c3
SSDEEP: 12288:vMrZy901gRUmysPR8W320YZi5lKdf9sdCHhF6:+yQ7IJrIiDKdnhF6
Static task: static1
Behavioral task: behavioral1
Sample: bfee75d6cfc4d9e392ae1b3ea219b11c9c6e15f544fb3e3c004b5fd9fa01ec21.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
auth_value: a08b2f01bd2af756e38c5dd60e87e697
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application