General
Target: 94630dcd256f52e3a0123844fff4b0a0214c1ea11cda72ee5e59dc057f5badca
Size: 872KB
Sample: 221003-cj3z3adcdr
MD5: fee9c5f1f2f236987cad3ed8015bf9aa
SHA1: 8e940837b17cea9debedadc91d43721927f0aabc
SHA256: 94630dcd256f52e3a0123844fff4b0a0214c1ea11cda72ee5e59dc057f5badca
SHA512: 0c13a7118b0432234dcb6c9bcd28d2dd25479eb213ce63d9ab4f964ac109864dff3cb57754181ecaa42651f06cc00c72fd55eca38747abc87839544f1f622e61
SSDEEP: 12288:IJCLK4HTNRRvi8D9/CK6MkGF8URcX6FeJNz+xd4N:Tw8xru08URngJhW
Static task: static1
Behavioral task: behavioral1
Sample: 94630dcd256f52e3a0123844fff4b0a0214c1ea11cda72ee5e59dc057f5badca.exe
Resource: win10-20220901-en
Malware Config
Extracted
redline
sirus
147.124.223.126:4444
Targets
Target
94630dcd256f52e3a0123844fff4b0a0214c1ea11cda72ee5e59dc057f5badca
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext