General
-
Target
8cf80e38f9c80878bcd4b791c50a3326c625c2aa4de1bc89dd06807eb2f7187b
-
Size
723KB
-
Sample
241111-fs6n4atfmb
-
MD5
e4c30394132b939f3ed30d5ce54a859f
-
SHA1
d0776883f71ff6bd048a49533150cb49e2b6e91e
-
SHA256
8cf80e38f9c80878bcd4b791c50a3326c625c2aa4de1bc89dd06807eb2f7187b
-
SHA512
6ee05a2fa7782e7a34571fd16383c6119a3e8113e1a97faaa1c238035f0ac951bf091e2d83764cb2d93f4c27de63f828bfcc6fb136202dcf033de28b809475a5
-
SSDEEP
12288:YMryy90j8kWpbFCwEQf7GaVM7bR388AruIPwUk+IdX3OOx1Z/zhiEH:qyIWZEQ6uMvR388AruIloX3OCZ/zcEH
Static task
static1
Behavioral task
behavioral1
Sample
8cf80e38f9c80878bcd4b791c50a3326c625c2aa4de1bc89dd06807eb2f7187b.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
Target
8cf80e38f9c80878bcd4b791c50a3326c625c2aa4de1bc89dd06807eb2f7187b
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-