General
Target: malware_smoke_657451425
Size: 557KB
Sample: 221004-g4pqdsfegm
MD5: f01c73bebfa9b3b007060d3a921d677e
SHA1: 66272bc408b602413b09c7962dde68ee928c8f5d
SHA256: e512898778a519c92977bd5ffbcdc0962a711d6513e9c9aec4c011193850436a
SHA512: fb677cacba3a6cf53037cf122856864331cb010224ce8f0b5718b22ffc753a2a6fea3a3a95927b2aa532b35e7768e353bf32a63d2a8efed3d5c0b40782762293
SSDEEP: 12288:3QA36pk3/2mPb7KGJTA7hVMQS03ULaHNqrxlKIQNoIEqolY3NVzrEe1:gA36pJmqGRWMkEaHNYK3P7oy3NVzL1
Static task: static1
Behavioral task: behavioral1
Sample: malware_smoke_657451425.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: malware_smoke_657451425.exe
Resource: win10v2004-20220901-en
Malware Config
Extracted
redline
5076357887
37.1.213.9:17292
auth_value: b1022b77a8ea3300a254df573b6fd16e
Targets
Target: malware_smoke_657451425
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext