General
Target: caf9c5b198cf0ab2ee8befb9c3b4243aad201acbb1e0771973a4371add35eb89N.exe
Size: 200KB
Sample: 241119-am9wnssrdp
MD5: 9c62ddd45dc039130da7d900eb3d4840
SHA1: e2c195d67561e59223fa51fafdb9bb6b75f61f60
SHA256: caf9c5b198cf0ab2ee8befb9c3b4243aad201acbb1e0771973a4371add35eb89
SHA512: dcd2ffc70d48c96aab934076de9ef51d4f25c61133fc0fd44c666ad2451bbc48a46ed44ad665839de908391e6375bcc889523e145f774acebc08a85d68f867b4
SSDEEP: 3072:K3y+bnr+O105GWp1icKAArDZz4N9GhbkrNEk6zzacxnKSfSyxplY7:K3y+bnr+Tp0yN90QERzZxnKSns
Static task: static1
Behavioral task: behavioral1
Sample: caf9c5b198cf0ab2ee8befb9c3b4243aad201acbb1e0771973a4371add35eb89N.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted from the sample:
Family: redline
Botnet: fusa
C2: 193.233.20.12:4132
auth_value: a08b2f01bd2af756e38c5dd60e87e697
Targets
Target: caf9c5b198cf0ab2ee8befb9c3b4243aad201acbb1e0771973a4371add35eb89N.exe
Size: 200KB
Score: 10/10
RedLine
RedLine Stealer is an information-stealing malware family written in C# (.NET), first observed in early 2020.
Signatures triggered during the behavioral run:
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application
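As an added triage example that is not part of the sandbox report: the script below takes the hashes and the extracted C2 endpoint from the report and (1) verifies a file against all three listed hashes at once, (2) scans connection log lines for the C2 IP and port with proper token boundaries so 193.233.20.12 does not match 193.233.20.120 and 4132 does not match inside an ephemeral source port, and (3) parses a "reg query ...\Run" dump for values whose executable sits in a user-writable directory, which is where an EXE dropped and persisted via a Run key usually lives. The log lines, the registry dump, the file name updater.exe and all function names are constructed for illustration; the report does not name the dropped file, and the Run-key path heuristic is a triage hint, not a verdict.

```python
"""Triage helpers built around the IOCs in the RedLine report above.

Added example, not sandbox output. Hashes and C2 are copied from the report;
log formats, the registry dump and helper names are constructed.
"""
import hashlib
import re

# IOCs taken verbatim from the report above.
REPORT_MD5 = "9c62ddd45dc039130da7d900eb3d4840"
REPORT_SHA1 = "e2c195d67561e59223fa51fafdb9bb6b75f61f60"
REPORT_SHA256 = "caf9c5b198cf0ab2ee8befb9c3b4243aad201acbb1e0771973a4371add35eb89"
REPORT_C2 = "193.233.20.12:4132"


def hash_bytes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of file contents, the same algorithms the report lists."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_report_sample(data: bytes) -> bool:
    """True only if every listed hash agrees. A partial match means the IOC
    list itself is inconsistent and should be re-checked rather than trusted."""
    h = hash_bytes(data)
    return (h["md5"], h["sha1"], h["sha256"]) == (REPORT_MD5, REPORT_SHA1, REPORT_SHA256)


def find_c2_connections(log_lines, c2=REPORT_C2):
    """Return log lines referencing the C2 IP *and* port.

    Both tokens are bounded: the IP may not be followed by another digit or dot
    (so 193.233.20.12 != 193.233.20.120) and the port may not sit inside a
    longer number (so 4132 != 49814). Works on 'dst=ip:port' style lines as
    well as Sysmon-like 'DestinationIp: ... DestinationPort: ...' text.
    """
    ip, port = c2.rsplit(":", 1)
    ip_re = re.compile(r"(?<![\d.])" + re.escape(ip) + r"(?![\d.])")
    port_re = re.compile(r"(?<!\d)" + re.escape(port) + r"(?!\d)")
    return [line for line in log_lines if ip_re.search(line) and port_re.search(line)]


# Directories a user can write without elevation; a Run key pointing here is
# how a dropped EXE typically persists. Heuristic only (constructed list).
USER_WRITABLE = ("\\appdata\\local\\temp\\", "\\appdata\\roaming\\", "\\users\\public\\")

RUN_VALUE_RE = re.compile(r"^\s*(?P<name>\S.*?)\s+REG_(?:EXPAND_)?SZ\s+(?P<data>.+?)\s*$")


def suspicious_run_entries(reg_query_output: str):
    """Parse 'reg query ...\\Run' style text and return (value_name, exe_path)
    pairs whose executable lives in a user-writable directory."""
    flagged = []
    for line in reg_query_output.splitlines():
        m = RUN_VALUE_RE.match(line)
        if not m:
            continue
        data = m.group("data").strip()
        # The image is either the quoted first token or everything up to .exe
        if data.startswith('"'):
            exe = data[1:data.find('"', 1)]
        else:
            exe_match = re.match(r"(.+?\.exe)", data, re.IGNORECASE)
            exe = exe_match.group(1) if exe_match else data
        if any(marker in exe.lower() for marker in USER_WRITABLE):
            flagged.append((m.group("name"), exe))
    return flagged


# Constructed sample inputs (not from the report).
SAMPLE_LOG = [
    "2024-11-19T10:02:11Z conn src=10.0.0.5:49812 dst=193.233.20.12:4132 proto=tcp",
    "2024-11-19T10:02:12Z conn src=10.0.0.5:49813 dst=193.233.20.120:4132 proto=tcp",
    "2024-11-19T10:02:13Z conn src=10.0.0.5:49814 dst=193.233.20.12:443 proto=tcp",
    "DestinationIp: 193.233.20.12 DestinationPort: 4132 Image: C:\\Users\\victim\\AppData\\Local\\Temp\\updater.exe",
]

SAMPLE_REG = """
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run
    OneDrive    REG_SZ    "C:\\Users\\victim\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe" /background
    updater     REG_SZ    C:\\Users\\victim\\AppData\\Local\\Temp\\updater.exe
"""

if __name__ == "__main__":
    print("sample match:", matches_report_sample(b"not the real sample"))
    for hit in find_c2_connections(SAMPLE_LOG):
        print("C2 contact:", hit)
    for name, exe in suspicious_run_entries(SAMPLE_REG):
        print("suspicious Run value:", name, "->", exe)
```

To run it against a real file, pass the file's bytes to matches_report_sample; the whole-file read is fine at 200KB. Feed find_c2_connections any iterable of text lines (firewall, proxy or Sysmon event 3 exports) and suspicious_run_entries the output of "reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run" taken from the host under investigation.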