General
Target: 1fdfd17b811e2b9cd84e7fccfd127cad598355e42bd23b0680f4a89e5d6097cf
Size: 277KB
Sample: 221205-tc9mpsdh45
MD5: 5649b68c3d70fef2a90035ddd991d460
SHA1: 87e716a30ac30e4b1496eebea6b7823507e0cb20
SHA256: 1fdfd17b811e2b9cd84e7fccfd127cad598355e42bd23b0680f4a89e5d6097cf
SHA512: 6ab81f3364fc7cc335d7d716ebfa0c0ef1b4e57ea2173afc7f1a8e9c0a440dafc29f7f1216b44a62a1f6c1af0178fbd5b4e64407dbe1cea4a65938aca64e44ab
SSDEEP: 3072:oLjOZXj0I/hH3RvM+4UU5i7SVx/n8p+izFgTWq+DaxO:oLSZXj0I/4nFzP8p+O

Static task: static1
Behavioral task: behavioral1
Sample: 1fdfd17b811e2b9cd84e7fccfd127cad598355e42bd23b0680f4a89e5d6097cf.exe
Resource: win10v2004-20220901-en

Malware Config
Extracted
redline
@2023
79.137.192.28:20723
auth_value: 93b4b7d0dc8e9415e261a402587c6710
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Uses the VBS compiler for execution
Suspicious use of SetThreadContext