General
Target: a06d5fdca43f676bbed32b0d369d45f6265bd86a921215078e5f61d466a2687e
Size: 489KB
Sample: 241111-bv9fjszdmd
MD5: 3fd044e31bbca5fd7de875f96116e9f0
SHA1: 61820eddff99f84d45906ffc55f681daca5604e5
SHA256: a06d5fdca43f676bbed32b0d369d45f6265bd86a921215078e5f61d466a2687e
SHA512: 56805b145a0e6b35c1b415d36d474c01019edd7b748a49200ece4e5cc1f229d0afefb6bba02a44b5af7c2b896c05b3779311d9ff09894bc442ab041338abb4b2
SSDEEP: 12288:FMrhy90zwy7miItztxx/egvZPJGnEg+HoL99D4s:Yyewp/pt2wZopwox9cs
Static task: static1
Behavioral task: behavioral1
Sample: a06d5fdca43f676bbed32b0d369d45f6265bd86a921215078e5f61d466a2687e.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
dubur
217.196.96.102:4132
auth_value: 32d04179aa1e8d655d2d80c21f99de41
Targets
Target: a06d5fdca43f676bbed32b0d369d45f6265bd86a921215078e5f61d466a2687e
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application