General
Target: c9ae94b7e143602bc1123dc98058cee654eaea969e413411028c1a29a6ebc410
Size: 738KB
Sample: 241110-q1rv1syaqf
MD5: 76558c734dee1b4e7908c3a9a66a6ec7
SHA1: 49d12108ddda2d3308c60d9d1bbea543b600d1c0
SHA256: c9ae94b7e143602bc1123dc98058cee654eaea969e413411028c1a29a6ebc410
SHA512: 888171d359ea0642d50c8c39bfb67548f31a500777dddebbb718782d2e12c438d2daca0a38f9057beadada2f394e00e78e9d1e2436069752e9fe2661fbdc03cf
SSDEEP: 12288:gMrUy90qLl744oDYDUAjwT1fVPqrNDO4z14rLRMB5SE62UM7kAURFv:Eyha4GYDUA8PqrNDJz1c1MrSYUIXURB
Static task: static1
Behavioral task: behavioral1
Sample: c9ae94b7e143602bc1123dc98058cee654eaea969e413411028c1a29a6ebc410.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
auth_value: 647d00dfaba082a4a30f383bca5d1a2a
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application