General
Target: c12095b5e77be004fd37dfa50785f6578f07b702e681d751ae050be5ede8e5b7
Size: 258KB
Sample: 221112-vsr82agg68
MD5: 43d67143a8a8199ad104cee9e8005968
SHA1: 067642d532aaa2e4ea26e8ad121f31db2e5a7c7b
SHA256: c12095b5e77be004fd37dfa50785f6578f07b702e681d751ae050be5ede8e5b7
SHA512: 1152a47384612008d402f10292eb32acc7819c0e780bb8ec85570993a47e1358b99929a1ceb80e18189daab734fe6d7956f0b42bf7f2ef70dc38bcc6fecfee0c
SSDEEP: 6144:lN2bVLr9JgZkzllVBqtUIfMYmtJZTy2fqwW:lN25f9JgM7VBSUIfmtLG2fqz
Static task: static1
Behavioral task: behavioral1
Sample: c12095b5e77be004fd37dfa50785f6578f07b702e681d751ae050be5ede8e5b7.exe
Resource: win10-20220812-en
Malware Config
Extracted
Family: redline
Botnet: boy
C2: 77.73.134.241:4691
auth_value: a91fa8cc2cfaefc42a23c03faef44bd3
Targets
Target: c12095b5e77be004fd37dfa50785f6578f07b702e681d751ae050be5ede8e5b7
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- RedLine payload
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext