General
-
Target
malware_smoke_3563958347
-
Size
3.9MB
-
Sample
221004-bj9xyafafq
-
MD5
00a1e1858578efb3530eeda5e92681be
-
SHA1
a8f300e9b626f5dbd0c8ba03a2ff53707c5bd6c1
-
SHA256
e117439ca96e4b65ec9233451276151f4208bd1c45c482d07bbc2e3f79b31116
-
SHA512
eaba225104f4f72bf687d712edb6fd4869dfcb2b45b3ba3b9c301e81761956edb6d8042cdca80ce7d336e7b8a4fb4fcb458a490ff154363a1d1a5518c6534a6b
-
SSDEEP
98304:LIbMLu1ZfIH6y5NC1Htn2DtOMZf3hSrzY/3:LIASPwH6ztn2xZfhmY/3
Static task
static1
Behavioral task
behavioral1
Sample
malware_smoke_3563958347.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
malware_smoke_3563958347.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
redline
5076357887
5.61.50.222:2575
-
auth_value
b1022b77a8ea3300a254df573b6fd16e
Targets
-
-
Target
malware_smoke_3563958347
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-