General
-
Target
5a5d66f78d2a7aca898fc4598017e6fd8c17f3b4d71a6c4f1e549bff9a913c5f
-
Size
1.4MB
-
Sample
230103-f4vqzadc4v
-
MD5
506bcd7c28b5f2aba6a55484d2423df6
-
SHA1
01026e92e802235582135378d87232a9e0f91f19
-
SHA256
5a5d66f78d2a7aca898fc4598017e6fd8c17f3b4d71a6c4f1e549bff9a913c5f
-
SHA512
a5e75ac4af916e92280a3141d02b141d263fdf6d201d8d256e33a31a20acdead068b9ad1cf67559dfefb5a7432adbe82c93d9b2feb7f97b05374c0b882292958
-
SSDEEP
24576:g71YR9epPTBP8/pZtjjIAd4C2breL5HRB6dFA/XU+zoXWw//SBEUDaR8JP8rB/bn:D9eprN4jIAdRUrAtr6dCPUjfnrB8BgTn
Static task
static1
Behavioral task
behavioral1
Sample
5a5d66f78d2a7aca898fc4598017e6fd8c17f3b4d71a6c4f1e549bff9a913c5f.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
5a5d66f78d2a7aca898fc4598017e6fd8c17f3b4d71a6c4f1e549bff9a913c5f.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
1310
79.137.192.57:48771
-
auth_value
feb5f5c29913f32658637e553762a40e
Targets
Target
5a5d66f78d2a7aca898fc4598017e6fd8c17f3b4d71a6c4f1e549bff9a913c5f
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-