General
-
Target
36915399b9afd2c1488e5c61c62ef24fdf26e1db8b2707949c0e1543c8588ec6
-
Size
277KB
-
Sample
221206-cvy59abg5t
-
MD5
61e556ed6671cad870b71e1bc848197b
-
SHA1
cea7e88c7a0883619b97754a2d4fc76b3865055f
-
SHA256
36915399b9afd2c1488e5c61c62ef24fdf26e1db8b2707949c0e1543c8588ec6
-
SHA512
c23f242c332d316a0edd6cdf7bae977282eb01d30cef498b6481c46b96e6b3da9feb9e3c93f80b4953a37fb8ab6eb8ae968395b0638ca2bf256249bf882420a3
-
SSDEEP
3072:6LjOlXj0I/hH3RvM+4UU5i7SVx/n8p+izFgTW2+SxO:6LSlXj0I/4nFzP8p+S
Static task
static1
Behavioral task
behavioral1
Sample
36915399b9afd2c1488e5c61c62ef24fdf26e1db8b2707949c0e1543c8588ec6.exe
Resource
win10-20220812-en
Malware Config
Extracted
redline
@2023
79.137.192.28:20723
-
auth_value
93b4b7d0dc8e9415e261a402587c6710
Targets
-
-
Target
36915399b9afd2c1488e5c61c62ef24fdf26e1db8b2707949c0e1543c8588ec6
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-