General
-
Target
7718463ca93b085fe30b4a2ccba10e0ca28ae851bf0bce96cfcff3f2cfa02fe7
-
Size
277KB
-
Sample
221206-fmmzssce3y
-
MD5
18ba63d8e16221ff09965ef2e27863a9
-
SHA1
1884c4b9ba976e6849bdcee47cc349cf09c58b8d
-
SHA256
7718463ca93b085fe30b4a2ccba10e0ca28ae851bf0bce96cfcff3f2cfa02fe7
-
SHA512
a73ce523218e037b7fd065a7361c558ce281a6cbd716e0ab1c5cb149d26e10558d13499e74786673e3c002d4b14bf7d9584ddc1959ff33576a8927325570584f
-
SSDEEP
3072:TLjOj5jAID8M/tdy98JMLOSEkb7WLa3QA/SfSnZKGC5gTWf+txO:TLSj5jAIDHE98JEbCe3QwSAZTA
Static task
static1
Behavioral task
behavioral1
Sample
7718463ca93b085fe30b4a2ccba10e0ca28ae851bf0bce96cfcff3f2cfa02fe7.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
@2023@
193.106.191.138:32796
-
auth_value
ca057e5baadfd0774a34a6a949cd5e69
Targets
-
-
Target
7718463ca93b085fe30b4a2ccba10e0ca28ae851bf0bce96cfcff3f2cfa02fe7
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-