General
- Target: modest-menu.exe
- Size: 3.8MB
- Sample: 221206-cw2b1agh66
- MD5: 5ff3e364b2c911a3a504db8ca8b357af
- SHA1: 634576bc4beb40802faabc2832bf8966746d33e5
- SHA256: 086cf9d70f774248002dd699663b21ffbff861b44068a1b468ae721b2813cf7a
- SHA512: 9b6d4a06468818c707164c3e5389410e83cf10baaa1a4d8c5ea573681c241b565eef4ddca96066b0cb5a1277ce6ce7eab3416470dd7055d803f8cbe93af43b72
- SSDEEP: 98304:73OMOXyx9YfGxGb1sPW7UHkvLw5mQTzd7W+HtdIOoQ7pCl:73OMay4fYasPfuL8ttdDoMpO
Static task: static1
Behavioral task: behavioral1
- Sample: modest-menu.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: modest-menu.exe
- Resource: win10v2004-20221111-en
Malware Config (extracted)
- redline
- @dxrkl0rd
- 193.106.191.160:8673
- auth_value: 9c8dd7353be7ed4b6832da21d8d0d902
Targets
- Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of SetThreadContext