General
-
Target
b92ad5e58df2ca2fabacc0f54c5b925912ab58095c81f7a58f1a20b63d8956ab.exe
-
Size
200KB
-
Sample
241117-wfr8yavgkq
-
MD5
32f857011d83e7cf82aa66ef66e5dc7e
-
SHA1
44b0efa7474e92dc29d3d4a307154d618e1d2622
-
SHA256
b92ad5e58df2ca2fabacc0f54c5b925912ab58095c81f7a58f1a20b63d8956ab
-
SHA512
1ceed778f1bbd9c1c1eedb41cc685387048113584ce1445a8ba9f71e7c569791d7da7d4948ba526cb997ccab9cd4a89426f7d3927721133e3aafd6b27911ff23
-
SSDEEP
3072:K3y+bnr+O105GWp1icKAArDZz4N9GhbkrNEk6zzacxnKSfSyxplY7h:K3y+bnr+Tp0yN90QERzZxnKSns1
Static task
static1
Behavioral task
behavioral1
Sample
b92ad5e58df2ca2fabacc0f54c5b925912ab58095c81f7a58f1a20b63d8956ab.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
-
auth_value
a08b2f01bd2af756e38c5dd60e87e697
Targets
-
-
Target
b92ad5e58df2ca2fabacc0f54c5b925912ab58095c81f7a58f1a20b63d8956ab.exe
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-