General
-
Target
43d988c727db86d1b8518769c9600022597ad3f28b75aca173493f33215c6fab
-
Size
688KB
-
Sample
241110-zjmdmsxqfr
-
MD5
dfbc1250dd36961a875ab27e028adaa4
-
SHA1
3cd7def41f32025523dc673a0ac13f919e2c83a4
-
SHA256
43d988c727db86d1b8518769c9600022597ad3f28b75aca173493f33215c6fab
-
SHA512
820a15cf00443e12510711ff52392871ad7cdd5a05f16b236a03b3d5ad035f60c8cfe1a6d2511e3dd451c863bea2fc8de4389f1c9b548eb0f70c6c748680ac4c
-
SSDEEP
12288:tUHejlVVSENZ+wUkWkvqIih5twnrnr9o6aOI5HESo7iPCZ1owqRXipXkxLcVd:UyVSENZ+wUkhrihbwn+6fATo7ly3Usi
Static task
static1
Behavioral task
behavioral1
Sample
87ba81bd8ca15ca720539fca25f03617e527b2c2a428d543eefd1948d2d3211b.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
Target
87ba81bd8ca15ca720539fca25f03617e527b2c2a428d543eefd1948d2d3211b.exe
-
Size
739KB
-
MD5
5cf0bf58133a5ccba8e4e390b053d50a
-
SHA1
1c16ae8f65b522982cf42c62bd3b8c7ddca81b43
-
SHA256
87ba81bd8ca15ca720539fca25f03617e527b2c2a428d543eefd1948d2d3211b
-
SHA512
3dce1f532d8e841e434d7bcbdb28d8e94b3c7387bbdfa5ef4cd1ebc2eac5a35ed3531ec41fa95f6486d4a0da47505e76a8a25252a9bba21ab5a0d5fcdb482b1f
-
SSDEEP
12288:HMr9y90Zx45AH+3AAi16JwwSW1Qg5+No88owQIPkHFQVNon685uDOJnIHPwgYW6J:iyI45AH+jiOUW1QFm88owQIMHFQ365uk
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-