General
Target: 9c0cf938a0f006252fe2727694bff63883387b0da121f6abfb7cb689ff37b54b
Size: 468KB
Sample: 241110-dtldfayejf
MD5: c3c05b0dd125232dd1bd74a883698b81
SHA1: 7d8eccf46f8a5e4fdd74ac1389173b976e5702b3
SHA256: 9c0cf938a0f006252fe2727694bff63883387b0da121f6abfb7cb689ff37b54b
SHA512: ed70d8fdf69cf1a97ca5232cc08b62cee367ea14a17f5929db8b8377ca4d3b50b28e1ba5047279b3afbd4865bd7070933398615f95a7a1a642d8b3793303b8d3
SSDEEP: 6144:KYy+bnr+vp0yN90QE0RgZZlCuFTj9bUDW/iJAl0g1WL3OBzE8mrWyzMxIMc4NSW:gMrfy90WgZnCudhjf1WL3OC6yzMxI8j
Static task: static1
Behavioral task: behavioral1
Sample: 9c0cf938a0f006252fe2727694bff63883387b0da121f6abfb7cb689ff37b54b.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
auth_value: a08b2f01bd2af756e38c5dd60e87e697
Targets
Target: 9c0cf938a0f006252fe2727694bff63883387b0da121f6abfb7cb689ff37b54b
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application