General
-
Target
1b6049b29e1dc1fa4215e6e48ce3c76591289a36541b8e2a26cbd91f78d432ff
-
Size
277KB
-
Sample
221206-jcw2haad7t
-
MD5
fbae7f31ebf60385af43c4b29fa3a763
-
SHA1
aaf53ea50c51db4e1dfa1c474ef95c218aff1c15
-
SHA256
1b6049b29e1dc1fa4215e6e48ce3c76591289a36541b8e2a26cbd91f78d432ff
-
SHA512
5e75d8f9523f81ebf0d666976d6c828b851d6204a182284d2bff3f4cafb76dd65fc983e5e1c20a8174551157af111fece12a58641c8d87c50328d2476965823b
-
SSDEEP
3072:YLjOj5jAID8M/tdy98JMLOSEkb7WLa3QA/SfSnZKGC5gTW2+MxO:YLSj5jAIDHE98JEbCe3QwSAZT0
Static task
static1
Behavioral task
behavioral1
Sample
1b6049b29e1dc1fa4215e6e48ce3c76591289a36541b8e2a26cbd91f78d432ff.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
@2023@
193.106.191.138:32796
-
auth_value
ca057e5baadfd0774a34a6a949cd5e69
Targets
-
-
Target
1b6049b29e1dc1fa4215e6e48ce3c76591289a36541b8e2a26cbd91f78d432ff
-
Size
277KB
-
MD5
fbae7f31ebf60385af43c4b29fa3a763
-
SHA1
aaf53ea50c51db4e1dfa1c474ef95c218aff1c15
-
SHA256
1b6049b29e1dc1fa4215e6e48ce3c76591289a36541b8e2a26cbd91f78d432ff
-
SHA512
5e75d8f9523f81ebf0d666976d6c828b851d6204a182284d2bff3f4cafb76dd65fc983e5e1c20a8174551157af111fece12a58641c8d87c50328d2476965823b
-
SSDEEP
3072:YLjOj5jAID8M/tdy98JMLOSEkb7WLa3QA/SfSnZKGC5gTW2+MxO:YLSj5jAIDHE98JEbCe3QwSAZT0
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-