General
-
Target
fbb5cf5c13f61fd6d876252af29c6cc51d93d4b69dcf1dde61cda6f03513420e
-
Size
797KB
-
Sample
241110-vh2dystrak
-
MD5
ab36eb1d4cd5f84903a3da164d2ac41f
-
SHA1
46963a253a259556075ce1aee85b56707dc3c213
-
SHA256
fbb5cf5c13f61fd6d876252af29c6cc51d93d4b69dcf1dde61cda6f03513420e
-
SHA512
566ef85945eb1fc5072f1239ed042ebfcde6a6091ee476b079f0bed2f4d1a10ffd8ff9c6782507fce267d3c0d6c6610ad483c97b3906103723e0bd60a47fdcaf
-
SSDEEP
24576:5y4uwAQ4vQy/889ygINJFu0TckHyopEwi4:s+Jy/889Dciwi
Static task
static1
Behavioral task
behavioral1
Sample
fbb5cf5c13f61fd6d876252af29c6cc51d93d4b69dcf1dde61cda6f03513420e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
Target
fbb5cf5c13f61fd6d876252af29c6cc51d93d4b69dcf1dde61cda6f03513420e
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-