General
Target: malware_smoke_3486898020
Size: 576KB
Sample: 221004-b8t8sagbbr
MD5: 0182b08a0baec057442e99f6d9a2f92e
SHA1: 456d10c6d05c905437522a120de811da18005d91
SHA256: 304eaba1cf03d198a719831d4a3c41eacb999ff0398192fb51b88a35e6803e8a
SHA512: dd0d5b8bfc0b018c08c09c7fbadaade721729ad902950ff60117f7786fc95abe3b16c9333e8b1662b1d656a5785888ea7c35b8e41bb37bdbc62b0e25e7da6a85
SSDEEP: 12288:+i9oxCwb5PyrtmqQsp9QS03ULaHNqrxlKIQNo701uKWcdlPmNFT7yLs:1ACw1yp9Q2kEaHNYK3XuZS9sx7y4
Static task: static1
Behavioral task: behavioral1
Sample: malware_smoke_3486898020.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: malware_smoke_3486898020.exe
Resource: win10v2004-20220901-en
Malware Config
Extracted
redline
5076357887
5.61.50.222:2575
auth_value: b1022b77a8ea3300a254df573b6fd16e
Targets
Target: malware_smoke_3486898020
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext