General
-
Target
20dc795fb32e67157888b5824d1291c0a97143b55ccf4dc370e6b6b4169b59da
-
Size
493KB
-
Sample
241110-xhb56swlak
-
MD5
cd0b04fe305430c9488b295d66e32ac2
-
SHA1
c1ceed2efc8b674b3b7dd5ec8af254d20a2c6bdc
-
SHA256
20dc795fb32e67157888b5824d1291c0a97143b55ccf4dc370e6b6b4169b59da
-
SHA512
979315e8fae16c8988d5197699be1a3f4cf70f29381b0fd5974d81a023cab85e348ab123199506748a4cbde992e23bdbcca61e1fae5c61a5146dc5f493f0c19e
-
SSDEEP
12288:zMroy90BeV/O9BgHyBvxEsvkkcVYSnAat:vyJVSPbcDuSnL
Static task
static1
Behavioral task
behavioral1
Sample
20dc795fb32e67157888b5824d1291c0a97143b55ccf4dc370e6b6b4169b59da.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
Target
20dc795fb32e67157888b5824d1291c0a97143b55ccf4dc370e6b6b4169b59da
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-