General
-
Target
c20188aeac3782469ac75c40911e5bae45d36f2208e286b51a5f6f5e878e371b
-
Size
277KB
-
Sample
221206-en8r8ahd22
-
MD5
75f4207637e56307389dfa82b3463690
-
SHA1
d7d51072a59f78314e90327a9f5f74004ae8b2a7
-
SHA256
c20188aeac3782469ac75c40911e5bae45d36f2208e286b51a5f6f5e878e371b
-
SHA512
1a634a4c84a6dd8304b15ad7e7e5010e347c21f9e9f23529f6f4945b00727df6084b1d7917977e1f4fed51b8fd3dc10f5dfa1627c756152a5c9c86089fe82b52
-
SSDEEP
3072:QLjOjXj0I/hH3RvM+4UU5i7SVx/n8p+izFgTWx+PsxO:QLSjXj0I/4nFzP8p+H
Static task
static1
Behavioral task
behavioral1
Sample
c20188aeac3782469ac75c40911e5bae45d36f2208e286b51a5f6f5e878e371b.exe
Resource
win10-20220812-en
Malware Config
Extracted
redline
@2023
79.137.192.28:20723
-
auth_value
93b4b7d0dc8e9415e261a402587c6710
Targets
-
-
Target
c20188aeac3782469ac75c40911e5bae45d36f2208e286b51a5f6f5e878e371b
-
Size
277KB
-
MD5
75f4207637e56307389dfa82b3463690
-
SHA1
d7d51072a59f78314e90327a9f5f74004ae8b2a7
-
SHA256
c20188aeac3782469ac75c40911e5bae45d36f2208e286b51a5f6f5e878e371b
-
SHA512
1a634a4c84a6dd8304b15ad7e7e5010e347c21f9e9f23529f6f4945b00727df6084b1d7917977e1f4fed51b8fd3dc10f5dfa1627c756152a5c9c86089fe82b52
-
SSDEEP
3072:QLjOjXj0I/hH3RvM+4UU5i7SVx/n8p+izFgTWx+PsxO:QLSjXj0I/4nFzP8p+H
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-