General
-
Target
71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6
-
Size
2.5MB
-
Sample
221101-lyy44abdhq
-
MD5
ae4706a07a1483095cbb7d21d9bb15ef
-
SHA1
b4cea0e55de6af32949301b217f73a5b3b2c5e4c
-
SHA256
71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6
-
SHA512
2c2f34cc43fe898f453b40a46b1f3bd96a74bc6882634b71675ae25d65cfc1f0e2863a99803c4edd3275012a8afbfb89492b0c0169bc3569ca967d6bab2c375d
-
SSDEEP
24576:tZKcYhEYcwpYQYC+aQXi3MKbdIRHGOw6bdgvTLesl1oho4yQALwrkl3RuQ55313w:tAnhjck+Jdbhho4yQAll3q
Static task
static1
Behavioral task
behavioral1
Sample
71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6.exe
Resource
win10-20220812-en
Malware Config
Extracted
redline
LogsDiller Cloud (Sup: @mr_golds)
193.233.193.14:8163
-
auth_value
56c6f7b9024c076f0a96931453da7e56
Targets
-
-
Target
71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6
-
Size
2.5MB
-
MD5
ae4706a07a1483095cbb7d21d9bb15ef
-
SHA1
b4cea0e55de6af32949301b217f73a5b3b2c5e4c
-
SHA256
71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6
-
SHA512
2c2f34cc43fe898f453b40a46b1f3bd96a74bc6882634b71675ae25d65cfc1f0e2863a99803c4edd3275012a8afbfb89492b0c0169bc3569ca967d6bab2c375d
-
SSDEEP
24576:tZKcYhEYcwpYQYC+aQXi3MKbdIRHGOw6bdgvTLesl1oho4yQALwrkl3RuQ55313w:tAnhjck+Jdbhho4yQAll3q
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-