General
-
Target
55bf7ebfe93e5feff3701c868a2eabd8bb182a288fbc887288bca3f06fac1d9f
-
Size
558KB
-
Sample
221123-mwxzpafc22
-
MD5
d907b6b9e3dac031bba4ecc6cedea6dd
-
SHA1
62ee494ae2a55fee2d3d1a200bec91d50a637a0a
-
SHA256
55bf7ebfe93e5feff3701c868a2eabd8bb182a288fbc887288bca3f06fac1d9f
-
SHA512
135e53b094226b82737087b8be32edf54884cc2bd182139f55b97ba98a8b265343212d05dcfb4deab0c871c49a0827181731e53e0414666a5aed39408ceffc99
-
SSDEEP
12288:wEcKWGlRSkvoEMonD7N+uyx7Ut5g6bltalwq72W:m2Skv6YDO96JtOwqSW
Static task
static1
Behavioral task
behavioral1
Sample
55bf7ebfe93e5feff3701c868a2eabd8bb182a288fbc887288bca3f06fac1d9f.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
55bf7ebfe93e5feff3701c868a2eabd8bb182a288fbc887288bca3f06fac1d9f.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
16.11
194.62.42.182:9697
-
auth_value
ff68575fae2dfda7f30688af50182592
Targets
-
-
Target
55bf7ebfe93e5feff3701c868a2eabd8bb182a288fbc887288bca3f06fac1d9f
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Suspicious use of SetThreadContext
-