General

- Target: 75e4e9080625c45150fb0c729677203e.exe
- Size: 182KB
- Sample: 221124-zywkvsda9z
- MD5: 75e4e9080625c45150fb0c729677203e
- SHA1: c31559bf53e9be7501c6fcad32ad29368d514e7d
- SHA256: 081efe08a54211147b7fb7f7dafba081da5ca5c0902f741003c4e4374e773869
- SHA512: fcb0e13c5e3e1bf54dcb22470fc83097dffffd191e6f112595e0338b0a9f33dd45feb774a94dc8a00f35c09970d671a057ff5bd646541872abe8f26aa791bcbe
- SSDEEP: 3072:XfeuSBI5HiGQMFwGK7yFTXRh63wAaH+++K2S/vYXqMgpdx0Q7oD:XfeuS8iGQMFskTXXkwAaHLpYXqMgJVE
- Static task: static1
- Behavioral task: behavioral1 (sample 75e4e9080625c45150fb0c729677203e.exe, resource win7-20220812-en)
- Behavioral task: behavioral2 (sample 75e4e9080625c45150fb0c729677203e.exe, resource win10v2004-20221111-en)
Malware Config

- Extracted: redline
  - 5139967220
  - 79.137.192.6:8362
Targets

- Target: 75e4e9080625c45150fb0c729677203e.exe (size and hashes as listed under General)
- Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
- RedLine payload
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext