General
- Target: 234f94209fea322da012f79f88d0c128379cccccb0f8cd8722dcc441d6bcc4cc
- Size: 239KB
- Sample: 221205-xphxasfh32
- MD5: 17d3970816a55fa5b3208e430488eb7e
- SHA1: 662a2ba2c01f784b8b2c6d5a6d41176dff60117b
- SHA256: 234f94209fea322da012f79f88d0c128379cccccb0f8cd8722dcc441d6bcc4cc
- SHA512: b778f39a2ac9e7998bf6da1e98166d2340570f13e3fbb504b2a7411444fd5e357c25b15c2456df80b51b3faff3955365b75a4f2c062556d3358dd4ef96d70762
- SSDEEP: 3072:Gx+ugbyg6H8xK/q+PwjUoHp0DCe8K/1IzKbVR4TfGRrhqZIATcymAxO:Gx+ugWg5Kq+PwQoHp0DoK2KJSTfqrhmu
Static task
- static1
Behavioral task
- behavioral1
- Sample: 234f94209fea322da012f79f88d0c128379cccccb0f8cd8722dcc441d6bcc4cc.exe
- Resource: win10v2004-20221111-en
Malware Config
Extracted
- redline
- @P1
- 193.106.191.138:32796
- auth_value: 54c79ce081122137049ee07c0a2f38ab
Targets
- Target: 234f94209fea322da012f79f88d0c128379cccccb0f8cd8722dcc441d6bcc4cc
- Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext