General
  Target: Setup.exe
  Size: 1006KB
  Sample: 221010-h4ytqsbbfr
  MD5: 556f8368b0adbf6f4a547eb2af242f93
  SHA1: eb2f8e06c0f32ef22b60e439a54c934432d15415
  SHA256: 71cab0db3c492c830b4af57c7dc479ac75489362c967ae55393a27d00d82043f
  SHA512: 3cecd063ebf1201859ef2bc23e7d6c4088bcff90214bba9bc14fd5c30f0e364001c10b217f9c5d380c5da4acd185ab11c8a7fe93acbdf4be4c88d3539ebc329b
  SSDEEP: 12288:OWYCX1zgwrZi970wRp10LhM7QkzIe8XsLTSqGBQ34GgT:OXqVrZv2skH88PEQIJ
Static task
  static1

Behavioral task
  behavioral1
  Sample: Setup.exe
  Resource: win7-20220812-en

Behavioral task
  behavioral2
  Sample: Setup.exe
  Resource: win10v2004-20220812-en

Malware Config
  Extracted
  Family: redline
  Botnet: youtube
  C2: 62.109.7.229:80
Targets
  Target: Setup.exe
  Size: 1006KB
  MD5: 556f8368b0adbf6f4a547eb2af242f93
  SHA1: eb2f8e06c0f32ef22b60e439a54c934432d15415
  SHA256: 71cab0db3c492c830b4af57c7dc479ac75489362c967ae55393a27d00d82043f
  SHA512: 3cecd063ebf1201859ef2bc23e7d6c4088bcff90214bba9bc14fd5c30f0e364001c10b217f9c5d380c5da4acd185ab11c8a7fe93acbdf4be4c88d3539ebc329b
  SSDEEP: 12288:OWYCX1zgwrZi970wRp10LhM7QkzIe8XsLTSqGBQ34GgT:OXqVrZv2skH88PEQIJ
  Score: 10/10

  Signatures
    RedLine
      RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    RedLine payload
    Suspicious use of SetThreadContext