General
-
Target
ab806a9ff3ee43e1344158fe168d95320f8346c05601ee699f9010395c4d0689
-
Size
427KB
-
Sample
241110-cwmtlszqfj
-
MD5
3c5b856c81e3536255c4833d89e23847
-
SHA1
2aec050547b7fb01eee6fc59a4652f4379c804bd
-
SHA256
ab806a9ff3ee43e1344158fe168d95320f8346c05601ee699f9010395c4d0689
-
SHA512
39f9e3a193679d68015c8c15b37ff02e860b8097e2f834eb94191d1d731041036f6ea4cb97f12d3f459ddedf93998d0e3960657c3be06fed5bbc529c3404e0a1
-
SSDEEP
6144:Y94UCpa0KyyFaUiG4L1j+KVOY77nYUmKFLBwYWGBaoHrYnxv7jilVYpzpA:g5NydG4LYkxvaK7BakYxvHilVYzpA
Static task
static1
Behavioral task
behavioral1
Sample
f2f1b99fb9aaf113970283eedd3706f617216812b6dfa957af1f6f45a6c4f951.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
Target
f2f1b99fb9aaf113970283eedd3706f617216812b6dfa957af1f6f45a6c4f951.exe
-
Size
478KB
-
MD5
4de16ba68c446ed764830e2863b76325
-
SHA1
74a148dd1316bacafdf469c72104f1d327e33db9
-
SHA256
f2f1b99fb9aaf113970283eedd3706f617216812b6dfa957af1f6f45a6c4f951
-
SHA512
87dde08d6058046ef554197731065da6ceebf352ccf37845647aaf6b3993b0684a7ff3a77d34c385fd26e67215909b4cd6d0ee05d203f5a236a54e4b64ceefa0
-
SSDEEP
6144:Kwy+bnr+Dp0yN90QEuesGoADrVNIr2/iR2YsEFxhu+IY1pv/olmQ83/C559QfBz/:cMrPy90hrVjaR2ENuYfolro/E9uQS
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-