General
Target: 7e41e4fa8bcf767005dd15b35ad8d4a970902cbeee448be478355be6c0001419
Size: 200KB
Sample: 241118-b6f85szner
MD5: e941afe5e63ec9b759b5ee8454911217
SHA1: a7f3a5d0666d7c8936626cc964236a54d7150527
SHA256: 7e41e4fa8bcf767005dd15b35ad8d4a970902cbeee448be478355be6c0001419
SHA512: 43fa0cdd3f7aa29bc720328b184340a8fadf7d56ddb129f9cbd5c3a5c2881b61d585ef6c5dc288ba6c2bb63b00b70a52a77a93ede4fa68d0886d714834f7519e
SSDEEP: 3072:KTy+bnr+O1w5GWp1icKAArDZz4N9GhbkrNEk61zacxnKSfSyxAlY7:KTy+bnr+vp0yN90QEHzZxnKSnt
Static task: static1
Behavioral task: behavioral1
Sample: 7e41e4fa8bcf767005dd15b35ad8d4a970902cbeee448be478355be6c0001419.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
fusa
193.233.20.12:4132
auth_value: a08b2f01bd2af756e38c5dd60e87e697
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application