General
-
Target
4081bb1acef3d011742967e2275b9c403da156ca04023873b8e83c0403da435c
-
Size
989KB
-
Sample
221130-vvfm1sac66
-
MD5
ad8e6b247230cc5ca53b4d687d935878
-
SHA1
a61daf807f4b4a2999a5866178c590a76e496c68
-
SHA256
4081bb1acef3d011742967e2275b9c403da156ca04023873b8e83c0403da435c
-
SHA512
f5aee5e56c96116e941875c8691864c765864dcaf3ec79fa52a14385693a598eb0a5661f2cdb7ce6456bfda7338b0d5123e38f6626bc632ca144cd8ccc6b8d54
-
SSDEEP
12288:wrlm6QxOoVfwqtw+zXI0eWorR/BXpI2HcgnVFKkxpG1TJw7/5yyhv:elm6QPVoqy+zXc5NpnVFKkxc1SE
Static task
static1
Behavioral task
behavioral1
Sample
4081bb1acef3d011742967e2275b9c403da156ca04023873b8e83c0403da435c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4081bb1acef3d011742967e2275b9c403da156ca04023873b8e83c0403da435c.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
01
87.251.71.13:80
Targets
-
-
Target
4081bb1acef3d011742967e2275b9c403da156ca04023873b8e83c0403da435c
-
Size
989KB
-
MD5
ad8e6b247230cc5ca53b4d687d935878
-
SHA1
a61daf807f4b4a2999a5866178c590a76e496c68
-
SHA256
4081bb1acef3d011742967e2275b9c403da156ca04023873b8e83c0403da435c
-
SHA512
f5aee5e56c96116e941875c8691864c765864dcaf3ec79fa52a14385693a598eb0a5661f2cdb7ce6456bfda7338b0d5123e38f6626bc632ca144cd8ccc6b8d54
-
SSDEEP
12288:wrlm6QxOoVfwqtw+zXI0eWorR/BXpI2HcgnVFKkxpG1TJw7/5yyhv:elm6QPVoqy+zXc5NpnVFKkxc1SE
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-