General
Target: afbc4826c65f6625d66998f6181cc3eefeaabc1c96203c7fc684943db8c66bfe
Size: 421KB
Sample: 221204-jy25msef5y
MD5: 298fc5d6ea1f87faae127928bab5da7c
SHA1: c9f5151955084d0df91c2254f4644a6b0d0655cb
SHA256: afbc4826c65f6625d66998f6181cc3eefeaabc1c96203c7fc684943db8c66bfe
SHA512: 3659973f98b063b696a5099c84c42813e2c5612dd6986e45f63baa5534cf6a7da0c9a8945bd2290130967115f09548c2e5e2f0725eb1cf51d4c4ef20c15ad4f3
SSDEEP: 12288:yhhl6EB+iEEvpbmC7dTnsDS4p3kKiyMP:klD
Static task: static1
Behavioral task: behavioral1
Sample: afbc4826c65f6625d66998f6181cc3eefeaabc1c96203c7fc684943db8c66bfe.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: afbc4826c65f6625d66998f6181cc3eefeaabc1c96203c7fc684943db8c66bfe.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
redline
update
135.181.79.37:32157
auth_value: 566b757a443f7c87259669c7db1ac5ba
Targets
Target: afbc4826c65f6625d66998f6181cc3eefeaabc1c96203c7fc684943db8c66bfe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext