General
-
Target
f62904530c2df665f20a7a2dcf96de34d2f5c7d78b6092fd616596df53685322
-
Size
239KB
-
Sample
221206-awcbrsed9s
-
MD5
2f8dbddb71b741137a62962b7662006c
-
SHA1
28b78f2a7217f6e8cc1c8fe61e01d3e46b4976f0
-
SHA256
f62904530c2df665f20a7a2dcf96de34d2f5c7d78b6092fd616596df53685322
-
SHA512
ffe35cff7ae03eabf8ff04b712d1c0369b8db0a4d75e5fff4a2eadc0756d5d44c8f0186f16c5eca8441cb222c9baf1c59b0c3f0c3842ba1335fa4a7202989ed2
-
SSDEEP
3072:4x+Qgbyg6H8xK/q+PwjUoHp0DCe8K/1IzKbVR4TfGRrhqZIATcmmMxO:4x+QgWg5Kq+PwQoHp0DoK2KJSTfqrhmy
Static task
static1
Behavioral task
behavioral1
Sample
f62904530c2df665f20a7a2dcf96de34d2f5c7d78b6092fd616596df53685322.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
@P1
193.106.191.138:32796
-
auth_value
54c79ce081122137049ee07c0a2f38ab
Targets
-
-
Target
f62904530c2df665f20a7a2dcf96de34d2f5c7d78b6092fd616596df53685322
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-