General
Target: ad58cdddaa732147848d3c5dc0e6ba560bb573f8d5430ce48fda1cabaed7300c
Size: 1004KB
Sample: 221130-q7jg8aaa8s
MD5: 36a142814138d3833fabda1749571fd8
SHA1: 3d6192913d673da7a79ef9927d76e981cf8a8fd9
SHA256: ad58cdddaa732147848d3c5dc0e6ba560bb573f8d5430ce48fda1cabaed7300c
SHA512: 5cc5396952ec1e668a193f1d5be8d7e49331202d229a69e7634eca0f7eac5e36f281e8f7918d9e354009b0f985c5a570ec989ae9d336090c72d9750176e432e6
SSDEEP: 12288:D5QEFuBP+MapWUIghSp3zgdXm0Ys5AkacCWkQ+vFajOJiVwEb4SFW5NnvQqBzV:DyEsQ95F1Rz5OmwEU6W5JQqB
Static task
static1
Behavioral task
behavioral1
Sample
ad58cdddaa732147848d3c5dc0e6ba560bb573f8d5430ce48fda1cabaed7300c.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
ad58cdddaa732147848d3c5dc0e6ba560bb573f8d5430ce48fda1cabaed7300c.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
11
95.181.172.238:3214
Targets
Target
ad58cdddaa732147848d3c5dc0e6ba560bb573f8d5430ce48fda1cabaed7300c
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext