General
-
Target
d35c17e781d839b034a6e2bdfe99897aa5896747e5f1d1a2bffda1c37524b4d2
-
Size
477KB
-
Sample
241110-wadtcsvlfq
-
MD5
a9941be7f18e0ef768d334cca8d3ddda
-
SHA1
bdad872aa95ca4b92d0a3adead1501228d3c4eaf
-
SHA256
d35c17e781d839b034a6e2bdfe99897aa5896747e5f1d1a2bffda1c37524b4d2
-
SHA512
36b8be41b2a6367d90b8ed8e11a2f40537bc4f78ad7edb9f4b07d1d1767cee479544bff7aa3032d07c550adada4f4b5f0c2fabc70d654866eb5479a35b9e69b1
-
SSDEEP
6144:KUy+bnr+2p0yN90QEz5b5zNLMSUme6YvLLOwLI3YrG5dN7kCUIZNsL8CdT5kxyPy:MMr6y90JrzCN6iOF3YrcdC+sLJ5kfvR
Static task
static1
Behavioral task
behavioral1
Sample
d35c17e781d839b034a6e2bdfe99897aa5896747e5f1d1a2bffda1c37524b4d2.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
d35c17e781d839b034a6e2bdfe99897aa5896747e5f1d1a2bffda1c37524b4d2
-
Size
477KB
-
MD5
a9941be7f18e0ef768d334cca8d3ddda
-
SHA1
bdad872aa95ca4b92d0a3adead1501228d3c4eaf
-
SHA256
d35c17e781d839b034a6e2bdfe99897aa5896747e5f1d1a2bffda1c37524b4d2
-
SHA512
36b8be41b2a6367d90b8ed8e11a2f40537bc4f78ad7edb9f4b07d1d1767cee479544bff7aa3032d07c550adada4f4b5f0c2fabc70d654866eb5479a35b9e69b1
-
SSDEEP
6144:KUy+bnr+2p0yN90QEz5b5zNLMSUme6YvLLOwLI3YrG5dN7kCUIZNsL8CdT5kxyPy:MMr6y90JrzCN6iOF3YrcdC+sLJ5kfvR
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-