General

Target: 79830d1eff53da3fec0f8867806957b8492129715fc0203b40ba139150c1964f
Size: 462KB
Sample: 221002-18hbnaeegm
MD5: 22efd9ebef79f6cb0819ea6bf30e72dd
SHA1: 1ad43af63f7905787e799a49f67fdc6364961747
SHA256: 79830d1eff53da3fec0f8867806957b8492129715fc0203b40ba139150c1964f
SHA512: 10cfb6cf28a5c780ab81be5dc0c3398c6bbbe8b70b8cbf72ba0895ef5c4636902a696caead1c30b9d4bafaa98c097f73974819e2abacda0debfe38a8e84cba44
SSDEEP: 6144:hEKTXHzlzI2jrvCAxc0Q/pUupBKTuRgM71yFAA141rHn/cOttumgWWZKLgVEV3pS:HZrvgwcCI1+AZ1rFxSQsVEV3pRM
Static task
static1

Behavioral task
behavioral1
Sample: 79830d1eff53da3fec0f8867806957b8492129715fc0203b40ba139150c1964f.exe
Resource: win7-20220812-en

Behavioral task
behavioral2
Sample: 79830d1eff53da3fec0f8867806957b8492129715fc0203b40ba139150c1964f.exe
Resource: win10-20220812-en
Malware Config

Extracted
Family: redline
C2: 80.66.87.22:80
auth_value: 41a6a625b18cc9db34df665792120c7a
Targets

Target: 79830d1eff53da3fec0f8867806957b8492129715fc0203b40ba139150c1964f
Score: 10/10

RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.

Signatures
RedLine payload
Suspicious use of SetThreadContext
(SetThreadContext is the call used to redirect the entry point of a suspended thread during process hollowing; on its own it also appears in debuggers and some packers, so weigh it together with the extracted RedLine configuration rather than as a stand-alone verdict.)
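The following Python is an added example of the detection logic behind a "Suspicious use of SetThreadContext" style signature; it is not the sandbox's own signature implementation and is not derived from this sample's trace. It walks an API-call trace and reports a child process only when the full hollowing chain is present: created with CREATE_SUSPENDED, memory written into it, its primary thread's context rewritten with SetThreadContext, and then resumed. The trace, process images and handle values are constructed for the example; handles are keyed per (pid, handle) because a handle value is only meaningful inside the process that owns it.

```python
"""Flag the process-hollowing call chain that a "Suspicious use of
SetThreadContext" signature targets.

Added example; not the sandbox's signature logic. The trace below is
constructed and does not describe the sample on this page.
"""
from dataclasses import dataclass, field

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess


@dataclass
class Candidate:
    """A child process started suspended by `parent_pid`."""
    parent_pid: int
    image: str
    thread_handle: int
    unmapped: bool = False      # NtUnmapViewOfSection seen on the child
    written: bool = False       # memory written into the child
    context_set: bool = False   # SetThreadContext on the child's thread
    sequence: list = field(default_factory=list)


def detect_hollowing(trace):
    """Return one finding per suspended child that was written to, had its
    thread context replaced and was then resumed. Other SetThreadContext
    uses (debuggers, a process touching its own threads) are not reported."""
    candidates = {}   # (pid, hProcess) -> Candidate
    by_thread = {}    # (pid, hThread)  -> key into candidates
    findings = []
    for pid, api, args in trace:
        if api in ("CreateProcessW", "CreateProcessA") and \
                args.get("flags", 0) & CREATE_SUSPENDED:
            key = (pid, args["hProcess"])
            cand = Candidate(pid, args["image"], args["hThread"])
            cand.sequence.append(f"{api}(CREATE_SUSPENDED)")
            candidates[key] = cand
            by_thread[(pid, args["hThread"])] = key
            continue
        pkey = (pid, args.get("hProcess"))
        tkey = (pid, args.get("hThread"))
        if api == "NtUnmapViewOfSection" and pkey in candidates:
            candidates[pkey].unmapped = True
            candidates[pkey].sequence.append(api)
        elif api in ("WriteProcessMemory", "NtWriteVirtualMemory") and pkey in candidates:
            candidates[pkey].written = True
            candidates[pkey].sequence.append(api)
        elif api in ("SetThreadContext", "NtSetContextThread") and tkey in by_thread:
            cand = candidates[by_thread[tkey]]
            cand.context_set = True
            cand.sequence.append(api)
        elif api in ("ResumeThread", "NtResumeThread") and tkey in by_thread:
            cand = candidates[by_thread[tkey]]
            cand.sequence.append(api)
            if cand.written and cand.context_set:
                findings.append({
                    "parent_pid": cand.parent_pid,
                    "image": cand.image,
                    "unmapped": cand.unmapped,
                    "sequence": list(cand.sequence),
                })
    return findings


# Constructed trace: (caller pid, API name, selected arguments).
TRACE = [
    # pid 1000: full hollowing chain against a suspended child
    (1000, "CreateProcessW", {"image": "C:\\constructed\\host.exe",
                              "flags": CREATE_SUSPENDED, "hProcess": 0x44, "hThread": 0x48}),
    (1000, "NtUnmapViewOfSection", {"hProcess": 0x44, "base": 0x400000}),
    (1000, "VirtualAllocEx", {"hProcess": 0x44, "base": 0x400000, "size": 0x7000}),
    (1000, "WriteProcessMemory", {"hProcess": 0x44, "base": 0x400000, "size": 0x7000}),
    (1000, "SetThreadContext", {"hThread": 0x48}),
    (1000, "ResumeThread", {"hThread": 0x48}),
    # pid 2000: debugger-style use on its own thread, no suspended child
    (2000, "GetThreadContext", {"hThread": 0x10}),
    (2000, "SetThreadContext", {"hThread": 0x10}),
    # pid 3000: suspended start that is simply resumed (no write, no context change)
    (3000, "CreateProcessW", {"image": "C:\\constructed\\child.exe",
                              "flags": CREATE_SUSPENDED, "hProcess": 0x20, "hThread": 0x24}),
    (3000, "ResumeThread", {"hThread": 0x24}),
]

if __name__ == "__main__":
    for hit in detect_hollowing(TRACE):
        print(f"pid {hit['parent_pid']} hollowed {hit['image']}: "
              f"{' -> '.join(hit['sequence'])}")
```

Only pid 1000 is reported; the stand-alone SetThreadContext in pid 2000 and the write-free suspended start in pid 3000 are the kind of benign activity that makes the raw API call a weak indicator by itself, which is why the chain, not the single call, should drive the verdict.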