General
-
Target
6ae110bb6a1d79cc8090a55f52e0634997e378c13354d026c8443288942935f0
-
Size
277KB
-
Sample
221206-d3tfeacc7x
-
MD5
8cfb86773ea88895989f96e052a15870
-
SHA1
c2d66030602cf9f59cb6bf55fe3917478e9e07bf
-
SHA256
6ae110bb6a1d79cc8090a55f52e0634997e378c13354d026c8443288942935f0
-
SHA512
9b1c9446d62451b5357872a80dd9241ca3b7f95333686337a6ade59e06103e645591c8944043e399f7dfa5e5c1a8bc8aece5e27b0c3999e54ee2259f6182bdcd
-
SSDEEP
3072:fLjO3Xj0I/hH3RvM+4UU5i7SVx/n8p+izFgTWH+KxO:fLS3Xj0I/4nFzP8p+z
Static task
static1
Behavioral task
behavioral1
Sample
6ae110bb6a1d79cc8090a55f52e0634997e378c13354d026c8443288942935f0.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
redline
@2023
79.137.192.28:20723
-
auth_value
93b4b7d0dc8e9415e261a402587c6710
Targets
-
-
Target
6ae110bb6a1d79cc8090a55f52e0634997e378c13354d026c8443288942935f0
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-