General
Target: a130c0c30f13bfc4e0500613230fddad81e02f17d9f7394cc204f127632dae53.exe
Size: 715KB
Sample: 241117-xsv12awgkm
MD5: 5b5198c70733d0587e1df6856d96107e
SHA1: 34a8a24767b6f0ad6be619b89521150509b2c584
SHA256: a130c0c30f13bfc4e0500613230fddad81e02f17d9f7394cc204f127632dae53
SHA512: 1b7a9e842d3b576298addd645f39ee295d708688ce811d4c92ffaa7c0248b3fd5d2b85cb3866d7c2c0419d17c63a3f6cc4e8d5e951b43f75099b79421353bc21
SSDEEP: 12288:kMrky905ZGCV7O1RYwuNDnUOierwegK88SfbIPo/jMe/ChjOR0r9EyFGL521D:IyGJV7UMN4zLK88SfbI+jMe/3SREyFGm
Static task
static1
Behavioral task
behavioral1
Sample
a130c0c30f13bfc4e0500613230fddad81e02f17d9f7394cc204f127632dae53.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
auth_value: a08b2f01bd2af756e38c5dd60e87e697
Targets
Target: a130c0c30f13bfc4e0500613230fddad81e02f17d9f7394cc204f127632dae53.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application