General
-
Target
9c299c7b9f5c81345d447e6e41fa7b1c81e98f6d32bcced204746687f4d91250
-
Size
549KB
-
Sample
241110-dbz4wa1lak
-
MD5
42593925233253e63e9d6ce90dc903f3
-
SHA1
1b8a8c46b0393642999cc7211722bed46674680c
-
SHA256
9c299c7b9f5c81345d447e6e41fa7b1c81e98f6d32bcced204746687f4d91250
-
SHA512
559bfa2e750bf7b8197b1f437de663776cdbc7e46a8e4ef2726576d4a34c0c08dd692c426f39b85d8c67414aa4a900b5f2098d9ddf5fd377971c194addfa9e3d
-
SSDEEP
12288:rMrPy90PwK7cVQdLuHeu+KZl/A0X0LLnA34Lpc6w:ky+wKAVOuHe0T40Eg34L66w
Static task
static1
Behavioral task
behavioral1
Sample
9c299c7b9f5c81345d447e6e41fa7b1c81e98f6d32bcced204746687f4d91250.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
9c299c7b9f5c81345d447e6e41fa7b1c81e98f6d32bcced204746687f4d91250
-
Size
549KB
-
MD5
42593925233253e63e9d6ce90dc903f3
-
SHA1
1b8a8c46b0393642999cc7211722bed46674680c
-
SHA256
9c299c7b9f5c81345d447e6e41fa7b1c81e98f6d32bcced204746687f4d91250
-
SHA512
559bfa2e750bf7b8197b1f437de663776cdbc7e46a8e4ef2726576d4a34c0c08dd692c426f39b85d8c67414aa4a900b5f2098d9ddf5fd377971c194addfa9e3d
-
SSDEEP
12288:rMrPy90PwK7cVQdLuHeu+KZl/A0X0LLnA34Lpc6w:ky+wKAVOuHe0T40Eg34L66w
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-