General
Target: 728a931f647782bd62d8be58077b0a446db865bac40edc92a9848c60351d64d8
Size: 478KB
Sample: 241110-x35m8atbjn
MD5: 8c6e0fb39642cd27917012c997d5eddb
SHA1: ffabd7f34a5b56f3a48a1a8b0e2f610c19bd7a14
SHA256: 728a931f647782bd62d8be58077b0a446db865bac40edc92a9848c60351d64d8
SHA512: 434fa8681727112caaedad3fbaec4f350c978b5badbe4196be5c8b2b57bec4b02ef7c4b8109f2d32f0be36275690a97316f154e3b723ef55ee7b41726f9f3903
SSDEEP: 6144:KPy+bnr+Tp0yN90QE24bXkVIodVRvUBvVJujnPKc/5v8z8y3UUmO9VZ2fBj7fCCG:hMr7y90NXkVBvQVJujPKs50Dox7fFwt
Static task: static1
Behavioral task: behavioral1
Sample: 728a931f647782bd62d8be58077b0a446db865bac40edc92a9848c60351d64d8.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
auth_value: a08b2f01bd2af756e38c5dd60e87e697
Targets
Target: 728a931f647782bd62d8be58077b0a446db865bac40edc92a9848c60351d64d8
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application