General
-
Target
973ab92d5733a9dfcf5501d572930d08ac1ed174c0875ffa95ac23962c5e14c8
-
Size
473KB
-
Sample
241111-e28dlstaqd
-
MD5
ff80564d07215aa1507e132760f98646
-
SHA1
45de7312f6f703b717e629240680384ac10165e1
-
SHA256
973ab92d5733a9dfcf5501d572930d08ac1ed174c0875ffa95ac23962c5e14c8
-
SHA512
23aa303edfc1dfdc7e8a3800e9de7f331fcc2bdbea4b879aec17cf71639c0e5c10738339dee29e85ffa245639bd675beb110c7081e53253d396fa1c0e6eaf184
-
SSDEEP
12288:uMrMy907Xc8V5sQoyIho+V5wTIqFvXif:OyAXlVNodo+v9ok
Static task
static1
Behavioral task
behavioral1
Sample
973ab92d5733a9dfcf5501d572930d08ac1ed174c0875ffa95ac23962c5e14c8.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
973ab92d5733a9dfcf5501d572930d08ac1ed174c0875ffa95ac23962c5e14c8
-
Size
473KB
-
MD5
ff80564d07215aa1507e132760f98646
-
SHA1
45de7312f6f703b717e629240680384ac10165e1
-
SHA256
973ab92d5733a9dfcf5501d572930d08ac1ed174c0875ffa95ac23962c5e14c8
-
SHA512
23aa303edfc1dfdc7e8a3800e9de7f331fcc2bdbea4b879aec17cf71639c0e5c10738339dee29e85ffa245639bd675beb110c7081e53253d396fa1c0e6eaf184
-
SSDEEP
12288:uMrMy907Xc8V5sQoyIho+V5wTIqFvXif:OyAXlVNodo+v9ok
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-