General
-
Target
ac1ee8dc45b81c53d8ef7f27243eb571986d2797e58d0444962d839c382e7ee1
-
Size
1.4MB
-
Sample
221128-shzh9agd6x
-
MD5
48590ce8e33801f64a586119f2815d96
-
SHA1
0eb96a0469f3bacd6996af607544ecf014c978de
-
SHA256
ac1ee8dc45b81c53d8ef7f27243eb571986d2797e58d0444962d839c382e7ee1
-
SHA512
8ef667caae5d0e289b38c52daee5f84f7b06339b532cc4121bcb01e3a883704269946b2323dc82e60eaaca0a17128ef50d834a8191cb340a40e6435f4b7fcfe9
-
SSDEEP
24576:FYBb6nIWpwir8ESqL39zBcpwIryUkUHAHHHgX63Gg+U9UJpoIgYYFz70vCfGT5qt:XIWpv803newuyUkUHAHHHgX63Gg+U9Ua
Static task
static1
Behavioral task
behavioral1
Sample
ac1ee8dc45b81c53d8ef7f27243eb571986d2797e58d0444962d839c382e7ee1.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ac1ee8dc45b81c53d8ef7f27243eb571986d2797e58d0444962d839c382e7ee1.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
8allsup
jbeaef.ga:80
Targets
-
-
Target
ac1ee8dc45b81c53d8ef7f27243eb571986d2797e58d0444962d839c382e7ee1
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-