General
Target: fb4264ded0d6acf851ad8435017f65725f15aafa6284189c866a90f49ef59965
Size: 277KB
Sample: 221206-gzqf5abc65
MD5: 5b0d9cb77835048a53d5f9b658934521
SHA1: cd5fea7b675c21c4a2dd336e96b6d72c6b55aef6
SHA256: fb4264ded0d6acf851ad8435017f65725f15aafa6284189c866a90f49ef59965
SHA512: 5c2cb0afb3045d70a372c62c37e49880d26e0ea53ef4d22d22f329f09fa09cb45e0da3137d1abb615cda0d2a24d515156cfbd9c9a757a90ac9a0ccd892f128d6
SSDEEP: 3072:cLjO35jAID8M/tdy98JMLOSEkb7WLa3QA/SfSnZKGC5gTW++1xO:cLS35jAIDHE98JEbCe3QwSAZTh

Static task: static1
Behavioral task: behavioral1
Sample: fb4264ded0d6acf851ad8435017f65725f15aafa6284189c866a90f49ef59965.exe
Resource: win10-20220812-en
Malware Config
Extracted:
redline
@2023@
193.106.191.138:32796
auth_value: ca057e5baadfd0774a34a6a949cd5e69
Targets
Target: fb4264ded0d6acf851ad8435017f65725f15aafa6284189c866a90f49ef59965
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
Uses the VBS compiler for execution
Suspicious use of SetThreadContext