General
-
Target
260651ef8950657324d97c29029a3fce27417b4afff7e82de75f178aa837c516
-
Size
2.4MB
-
Sample
221101-kqb4xsagdr
-
MD5
b9f6e7448644ce8f08c9ff65c8744e3d
-
SHA1
3a3df57cbaf3131d1578a0affce26f5d4a357b8c
-
SHA256
260651ef8950657324d97c29029a3fce27417b4afff7e82de75f178aa837c516
-
SHA512
8f9686b2828b930a0b43f3b3130fcebbc00a5c1bb5b4d2dfbc96c749bb9296af4aa1f54f559e2ccaa905872f8e4f5ad742b3de02dd5fa846c4c8cbbf6fd8b029
-
SSDEEP
24576:n98UagvYcYQFLbY8Mwelj1S6WSzGTRcbO5EAy/clLsv2LYStrRQb7NaJgrl3RuQK:yUagtGGG/clLsv2nGrl3q
Static task
static1
Behavioral task
behavioral1
Sample
260651ef8950657324d97c29029a3fce27417b4afff7e82de75f178aa837c516.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
260651ef8950657324d97c29029a3fce27417b4afff7e82de75f178aa837c516.exe
Resource
win10-20220812-en
Malware Config
Extracted
redline
@forceddd_lzt
5.182.36.101:31305
-
auth_value
91ffc3d776bc56b5c410d1adf5648512
Targets
-
-
Target
260651ef8950657324d97c29029a3fce27417b4afff7e82de75f178aa837c516
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-