General
Target: ef54d9f2ab875b576dcb9acc7fbd1234c607bda303905c1ad4807c18178bfa0d
Size: 550KB
Sample: 241110-bjq5tswdnp
MD5: e8605b88759e2aee6430572bc5ca5dc3
SHA1: 023f7314451cd89edf819df92d5f3ed2f0a8ddfe
SHA256: ef54d9f2ab875b576dcb9acc7fbd1234c607bda303905c1ad4807c18178bfa0d
SHA512: 3a1ec3d6d9700dfd9205e510de7e9aa37ae0544d8894d1914171427438ba41738bcebcc73725f0cb90b3cdfa25cd81918b8354f989b612ef80fbcc4db778f3e9
SSDEEP: 12288:SMrYy90oty8NsVvz+HuWkHi8y/ELqYe7cZG8voZ:+yT8VLek+XgoZ
Static task: static1
Behavioral task: behavioral1
Sample: ef54d9f2ab875b576dcb9acc7fbd1234c607bda303905c1ad4807c18178bfa0d.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
auth_value: a08b2f01bd2af756e38c5dd60e87e697
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application