General
-
Target
a6e9c9ed024c4026aa68627c95c52b87e9206b47ffee87f06abfc85218e69cb9
-
Size
269KB
-
Sample
221206-nzjrxaef46
-
MD5
761da75b0364cc4637a5ce825bb533ae
-
SHA1
129b9d68c63c2711b16c3957ce90d0dac634f941
-
SHA256
a6e9c9ed024c4026aa68627c95c52b87e9206b47ffee87f06abfc85218e69cb9
-
SHA512
e60e420f325d82da994fa8c2a02984f8a497435ff91661c3f54ae40cc2719dec12871fcee0bc6972e8a171e4322948f5cbea2e6c5311243d54d210efc15ad16c
-
SSDEEP
3072:YMADZupENYoKjAID8M/tdy98JMLOSEkb7WLa3QA/SfSnZKGCVy9xn47O9xO:1ADZupENSjAIDHE98JEbCe3QwSAZTg
Static task
static1
Behavioral task
behavioral1
Sample
a6e9c9ed024c4026aa68627c95c52b87e9206b47ffee87f06abfc85218e69cb9.exe
Resource
win10-20220812-en
Malware Config
Extracted
redline
@2023@
193.106.191.138:32796
-
auth_value
ca057e5baadfd0774a34a6a949cd5e69
Targets
-
-
Target
a6e9c9ed024c4026aa68627c95c52b87e9206b47ffee87f06abfc85218e69cb9
-
Size
269KB
-
MD5
761da75b0364cc4637a5ce825bb533ae
-
SHA1
129b9d68c63c2711b16c3957ce90d0dac634f941
-
SHA256
a6e9c9ed024c4026aa68627c95c52b87e9206b47ffee87f06abfc85218e69cb9
-
SHA512
e60e420f325d82da994fa8c2a02984f8a497435ff91661c3f54ae40cc2719dec12871fcee0bc6972e8a171e4322948f5cbea2e6c5311243d54d210efc15ad16c
-
SSDEEP
3072:YMADZupENYoKjAID8M/tdy98JMLOSEkb7WLa3QA/SfSnZKGCVy9xn47O9xO:1ADZupENSjAIDHE98JEbCe3QwSAZTg
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-