General
-
Target
b7ca7fa912ed58848a8db7db7377b8deb2d82e7acb54d8c5b30692fd475c71f3
-
Size
272KB
-
Sample
241110-knwesatckl
-
MD5
584f4c94699201015ca0e588b7b8dde7
-
SHA1
1363577f87bfb243bd1b2b3c9a51725b11a279d7
-
SHA256
b7ca7fa912ed58848a8db7db7377b8deb2d82e7acb54d8c5b30692fd475c71f3
-
SHA512
ff626f9160161bfeeb2293749c9619c7b7be8a0472f4b7e50b754a6b86579dbd81c4fbefd10e6ac68c1fdd878d02ee2189c9b6d37b3705ee4060ecaaf81ef934
-
SSDEEP
3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz
Behavioral task
behavioral1
Sample
b7ca7fa912ed58848a8db7db7377b8deb2d82e7acb54d8c5b30692fd475c71f3.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
b7ca7fa912ed58848a8db7db7377b8deb2d82e7acb54d8c5b30692fd475c71f3.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
-
auth_value
647d00dfaba082a4a30f383bca5d1a2a
Targets
-
-
Target
b7ca7fa912ed58848a8db7db7377b8deb2d82e7acb54d8c5b30692fd475c71f3
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-