General
-
Target
9e4bb9e9b4a0bd622deb940906c082b65d299d3c768b4957c1a89a8f60572f28
-
Size
2.6MB
-
Sample
220926-w8nq8acgfp
-
MD5
529174498fbbf1c72fb39af656d5f98f
-
SHA1
439edbff12742da9e15da5ab4a2710f97f947a50
-
SHA256
9e4bb9e9b4a0bd622deb940906c082b65d299d3c768b4957c1a89a8f60572f28
-
SHA512
ad760ef8d26f645736a05d076baf98731ce99f3d8dd13f7828a09ade228c3da0ddefe50c7a8e9bc5b53488986c86aa708cbc1717e8ad1636e59b3f0f91141abe
-
SSDEEP
24576:RDGV9zhuL8MbAZYfYV9YJuW3MFfdEklRHXO3GNdmNxNUk6ALQvyWu7l3RuQ5531e:YLhuL1bzExYxNUk6A8DEl3k
Static task
static1
Behavioral task
behavioral1
Sample
9e4bb9e9b4a0bd622deb940906c082b65d299d3c768b4957c1a89a8f60572f28.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
install1part
185.224.133.182:16382
-
auth_value
01759eb8d6120155c19b779c527fb1e2
Targets
-
-
Target
9e4bb9e9b4a0bd622deb940906c082b65d299d3c768b4957c1a89a8f60572f28
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-