General
Target: malware_smoke_2750898361
Size: 557KB
Sample: 221004-dppkasada8
MD5: 0b78ea25d14172536c70bd8ac554782c
SHA1: 4d3b3c59bc87823b8bae6d2086c41465eaacb053
SHA256: 064eb727936e2e156d971a3142a3982a38baa5b472d642eace029343a9c299c6
SHA512: f63b29b8bf5e655dfaf404892c2c8369ace576baaadef482f8b65da6ae62a463b243029a3cc85f7e699f3df60761d2df8cf7a04bebc47de5e5c401ea17ee43c2
SSDEEP: 12288:7g0kqym9MZdAUn0hDS2+iVQS03ULaHNqrxlKIQNo0TC+K5DyoxjFru/:k0kqmPARS2vVkEaHNYK30+K5Dyox5w
Static task: static1
Behavioral task: behavioral1
Sample: malware_smoke_2750898361.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: malware_smoke_2750898361.exe
Resource: win10v2004-20220901-en
Malware Config
Extracted
redline
5076357887
37.1.213.9:17292
auth_value: b1022b77a8ea3300a254df573b6fd16e
Targets
Target: malware_smoke_2750898361
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext