General
-
Target
ade9baa65fd2f2c84d7842d6a6e5a6b8b9ffc25fcb0df6490e8d3437db9a84ff
-
Size
277KB
-
Sample
221205-t2j4cabb2x
-
MD5
6ca843faab020f613e61eecdcde14421
-
SHA1
c19e0645c103558578b7bfe7679787ba26a94a28
-
SHA256
ade9baa65fd2f2c84d7842d6a6e5a6b8b9ffc25fcb0df6490e8d3437db9a84ff
-
SHA512
04c79288b51d7b4dd51e0731703261c2f7f99e8e6c111c962cf78a24235ec0aa7952f676b81a216bdff652109f67ef7790b01a36ebef514bf1ae4def19812afa
-
SSDEEP
3072:CLjOTXj0I/hH3RvM+4UU5i7SVx/n8p+izFgTWZ+oxO:CLSTXj0I/4nFzP8p+f
Static task
static1
Behavioral task
behavioral1
Sample
ade9baa65fd2f2c84d7842d6a6e5a6b8b9ffc25fcb0df6490e8d3437db9a84ff.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
@2023
79.137.192.28:20723
-
auth_value
93b4b7d0dc8e9415e261a402587c6710
Targets
Target
ade9baa65fd2f2c84d7842d6a6e5a6b8b9ffc25fcb0df6490e8d3437db9a84ff
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-