General
Target: bfb45ea621467d1d864fdccdd627633b807004b099c11067917d38aa4f31b95a
Size: 2.5MB
Sample: 221101-m58sjscbbn
MD5: e96cdd6f709cd297f564f484eeb11a07
SHA1: 5bd8029febd8d0298d9a178a3b44eeee1a3ef8e2
SHA256: bfb45ea621467d1d864fdccdd627633b807004b099c11067917d38aa4f31b95a
SHA512: 1391123138bf45e2f82f29912b788a0f1b38779e03ca72a502ad6e77300d399b910cc707081379e3c4752a85afe8a4a8c3b2a4dac6a7ba222682d10a37b70790
SSDEEP: 24576:D5HTB8YsP7YAY2gtlHC3MhJdIKH2GEhb6Lsfuo4N8fVxLORl3RuQ55313c:DNBrsbOiuo4N8fVxyl3y
Static task: static1
Behavioral task: behavioral1
  Sample: bfb45ea621467d1d864fdccdd627633b807004b099c11067917d38aa4f31b95a.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: bfb45ea621467d1d864fdccdd627633b807004b099c11067917d38aa4f31b95a.exe
  Resource: win10-20220812-en
Malware Config
Extracted config (family: redline)
Redline
  C2: 185.186.142.127:6737
  auth_value: 79885e811fa97fd37687d3b2613976a8
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- RedLine payload
- Suspicious use of SetThreadContext