General
Target: abb2c05b20896b356f474fa897290564cd73ca5549af5e3121b547b41a4460a0
Size: 269KB
Sample: 221206-mdnnascc2t
MD5: fafce6a43296b9555139887bf7748e63
SHA1: bb8ab8404dc3466e600fe98b938722e5793a3a0f
SHA256: abb2c05b20896b356f474fa897290564cd73ca5549af5e3121b547b41a4460a0
SHA512: 11bfaa81d5a0bbd5a2be7a0431224c7f52bd8d504bfa36f7307420e1664e0b27a3f5006a00844797cb83bcff1f03306e4a01e8463e7fcf9e86f41d4be1bf937e
SSDEEP: 3072:GMADZuNENYoKjAID8M/tdy98JMLOSEkb7WLa3QA/SfSnZKGCVy9Yn4SCrxO:jADZuNENSjAIDHE98JEbCe3QwSAZTK
Static task: static1
Behavioral task: behavioral1
Sample: abb2c05b20896b356f474fa897290564cd73ca5549af5e3121b547b41a4460a0.exe
Resource: win10-20220812-en
Malware Config
Extracted
redline
@2023@
193.106.191.138:32796
auth_value: ca057e5baadfd0774a34a6a949cd5e69
Targets
Target: abb2c05b20896b356f474fa897290564cd73ca5549af5e3121b547b41a4460a0
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Uses the VBS compiler for execution
Suspicious use of SetThreadContext