General
Target
a078e93cc24db2b52b41dde722aaa333.exe
Size
217KB
Sample
220915-wvax7shebq
MD5
a078e93cc24db2b52b41dde722aaa333
SHA1
8bc2f863ebdc8334b8cf240fd21a254c754498b6
SHA256
bc7da2ff8fd88b93c62d6318a26c17a9bbc14ee658d2064140f4ccdc869764f0
SHA512
3156512dfe0316d251b19e0d9c643c8377f5ed2c1397ce202665c70e5875b400a2952623d7af0fbda5c4e0de0f9ff9e4a1c9f27f63e5e8524fe45a7bce19c97c
SSDEEP
3072:F9Pz9yUZZ91RI9zIpA4sSBmxShqyXAI5BjzQS8iqI6FFLpRntY8Q233inOHc/i:F9z4w3RIpYxjMP2BjzQS8ij6FjRy8Qp
Static task
static1
Behavioral task
behavioral1
Sample
a078e93cc24db2b52b41dde722aaa333.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a078e93cc24db2b52b41dde722aaa333.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
redline
Lyla.11.09
185.215.113.216:21921
auth_value
a1e5192e588aa983d678ceb4d6e0d8b5
Targets
Target
a078e93cc24db2b52b41dde722aaa333.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Suspicious use of SetThreadContext