General
-
Target
367515b33b06925bea136a0ff5d866b0f76bd4aaf41812dd2a2dd672e327bcf3
-
Size
2.5MB
-
Sample
221101-ky3xlsahen
-
MD5
a882d0216879959354219ba50a8a059e
-
SHA1
9c827025afee5bad9d3a6530b978dee02faf197b
-
SHA256
367515b33b06925bea136a0ff5d866b0f76bd4aaf41812dd2a2dd672e327bcf3
-
SHA512
de8c42a4e53223c601a72bdb398c3cb572bbe6d7bdfde7ccdd01fc71d3c431b3f6f2acf25cb76f2b6b8c2d16325eb1e6a864e9a8310bc2fa70d5e230d35f2e1e
-
SSDEEP
24576:71LgXvZhuYPYo7o2GmGM8hdLQFuB/vb5rHpkpbjLhVILZhbTl3RuQ55313u:716vZMs45rCbjLhVIXl3Y
Static task
static1
Behavioral task
behavioral1
Sample
367515b33b06925bea136a0ff5d866b0f76bd4aaf41812dd2a2dd672e327bcf3.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
367515b33b06925bea136a0ff5d866b0f76bd4aaf41812dd2a2dd672e327bcf3.exe
Resource
win10-20220812-en
Malware Config
Extracted
redline
1
146.19.75.18:41599
-
auth_value
8e95e553322b592c6800a519511ce6b9
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Suspicious use of SetThreadContext
-