General
-
Target
c036777b1468d10cc5d88590e62b4bd55676b5e15e3a372a3b2659b6b814c01c
-
Size
477KB
-
Sample
241111-ee4rxascpr
-
MD5
2ac7f536593753f4b39b90f6bf5de9be
-
SHA1
9abe059f98e06e28800570e1dd8ab2b06bf94b62
-
SHA256
c036777b1468d10cc5d88590e62b4bd55676b5e15e3a372a3b2659b6b814c01c
-
SHA512
74987a7189a876f2a9e046302106f794b601f9b3d077d32eb9212c5121b262ff839bb8e3196cc3bdc04aec4ee8b4071e266b14253f338667cd4daab8e0b70b5e
-
SSDEEP
12288:lMrgy904tQiusV3GcD2yQQi62xTx5lsFbp:9yxjrVWo9Yl/sVp
Static task
static1
Behavioral task
behavioral1
Sample
c036777b1468d10cc5d88590e62b4bd55676b5e15e3a372a3b2659b6b814c01c.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
c036777b1468d10cc5d88590e62b4bd55676b5e15e3a372a3b2659b6b814c01c
-
Size
477KB
-
MD5
2ac7f536593753f4b39b90f6bf5de9be
-
SHA1
9abe059f98e06e28800570e1dd8ab2b06bf94b62
-
SHA256
c036777b1468d10cc5d88590e62b4bd55676b5e15e3a372a3b2659b6b814c01c
-
SHA512
74987a7189a876f2a9e046302106f794b601f9b3d077d32eb9212c5121b262ff839bb8e3196cc3bdc04aec4ee8b4071e266b14253f338667cd4daab8e0b70b5e
-
SSDEEP
12288:lMrgy904tQiusV3GcD2yQQi62xTx5lsFbp:9yxjrVWo9Yl/sVp
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-