General
Target: 974291497ea74fe8a375132588057f892bf4adb538d98588f1d8257fa6d073dc
Size: 2.7MB
Sample: 221101-mghlfsbgcq
MD5: 77be4d184f8433f09505da8dd3c498ce
SHA1: b6071c6d4ca4e8d9bccb154fe0411d945f29a79c
SHA256: 974291497ea74fe8a375132588057f892bf4adb538d98588f1d8257fa6d073dc
SHA512: d0fd3e9bfb261e02b78b5f68ea06de37cba4ab21e7170740337720746fc52af0060b36214b366c622bc891e6e5129179389ccf6531529e72b2bcf5dce3d92ca2
SSDEEP: 24576:KwJpCV6sd32jQYiYPlpogq7MP1dJc+voiWop3YkFnKGJLsISl3RuQ55313:PD06sx2q+Qho3YkFnKGJwVl3
Static task: static1
Behavioral task: behavioral1
Sample: 974291497ea74fe8a375132588057f892bf4adb538d98588f1d8257fa6d073dc.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 974291497ea74fe8a375132588057f892bf4adb538d98588f1d8257fa6d073dc.exe
Resource: win10-20220812-en
Malware Config
Extracted
redline
28
95.217.123.71:9169
auth_value: dcf3f16408f4c0fb7e1c535cdbc15695
Targets
Target: 974291497ea74fe8a375132588057f892bf4adb538d98588f1d8257fa6d073dc
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext