General
-
Target
b3a1b205c885b1f2857a864c2be2bc4d1522f09f5a2006d3e04d4c6fc31c282c
-
Size
277KB
-
Sample
221206-hf6jnscf34
-
MD5
daafde2601a0d8f622a15bede4e11af9
-
SHA1
374a1ab4035649c120c05deac8155100e488142b
-
SHA256
b3a1b205c885b1f2857a864c2be2bc4d1522f09f5a2006d3e04d4c6fc31c282c
-
SHA512
30663d91e467407443d7e44235bd1c4ee76919430882ecdec0605a25d204b55d6a184e2582948088a24e3ff631d2b6b6c2f46aa0e752bb1832a7e91de64e3535
-
SSDEEP
3072:0LjO95jAID8M/tdy98JMLOSEkb7WLa3QA/SfSnZKGC5gTWL+BxO:0LS95jAIDHE98JEbCe3QwSAZTw
Static task
static1
Behavioral task
behavioral1
Sample
b3a1b205c885b1f2857a864c2be2bc4d1522f09f5a2006d3e04d4c6fc31c282c.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
@2023@
193.106.191.138:32796
-
auth_value
ca057e5baadfd0774a34a6a949cd5e69
Targets
-
-
Target
b3a1b205c885b1f2857a864c2be2bc4d1522f09f5a2006d3e04d4c6fc31c282c
-
Size
277KB
-
MD5
daafde2601a0d8f622a15bede4e11af9
-
SHA1
374a1ab4035649c120c05deac8155100e488142b
-
SHA256
b3a1b205c885b1f2857a864c2be2bc4d1522f09f5a2006d3e04d4c6fc31c282c
-
SHA512
30663d91e467407443d7e44235bd1c4ee76919430882ecdec0605a25d204b55d6a184e2582948088a24e3ff631d2b6b6c2f46aa0e752bb1832a7e91de64e3535
-
SSDEEP
3072:0LjO95jAID8M/tdy98JMLOSEkb7WLa3QA/SfSnZKGC5gTWL+BxO:0LS95jAIDHE98JEbCe3QwSAZTw
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-