General
-
Target
4f5563c4318fe7d1beeebbe9a6b2258c3afe1ec5ee8f2a2c27d3280e5e5e3042
-
Size
478KB
-
Sample
241110-xlck4swlfk
-
MD5
501a4db886c5cc6b3017f4c8e4aa6e1e
-
SHA1
75bfbccca38027ac19e1ea3d78d0925f8bc0cca0
-
SHA256
4f5563c4318fe7d1beeebbe9a6b2258c3afe1ec5ee8f2a2c27d3280e5e5e3042
-
SHA512
8c3d9617240f896d9c47ac5f621542eaddfa7ab97a8793056ad8f6557f1b7ed24941511b7d3131ec6c2eae7819de4d36db0f8f79e3a801259660cc2884177137
-
SSDEEP
12288:GMrHy90iRh7pVMHO09SxXOvtOJjkTTjMhzT5nHg:pynpOHzYdOvt7TjMzHg
Static task
static1
Behavioral task
behavioral1
Sample
4f5563c4318fe7d1beeebbe9a6b2258c3afe1ec5ee8f2a2c27d3280e5e5e3042.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
Target
4f5563c4318fe7d1beeebbe9a6b2258c3afe1ec5ee8f2a2c27d3280e5e5e3042
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-