General
- Target: a9d8b0c4864b446bec6aa42fb89a53f3df431abf36e678dda594d07a30aae3f2
- Size: 1.4MB
- Sample: 230103-f9tqvsdd7s
- MD5: af63db939066f6a4c62835d3232b2a0a
- SHA1: 395100cc1d417a241d1dacf5305a23e2f2d672f1
- SHA256: a9d8b0c4864b446bec6aa42fb89a53f3df431abf36e678dda594d07a30aae3f2
- SHA512: 4f847c31659119a6ddaefb196ffc12a3ad562b49baedf28fbd5bb14829e16b399064c9700ec68cedc627cad9b08115ec301c6650c5a98d6780c9d71346f305e6
- SSDEEP: 24576:H71YR9epATBP8g4LStNvSycFM+sAfe4QnVjG4BUKMEQNE6fQGpXkdjmtd3JeLpw:m9epENiwvXcmUzQnVZ+RXkUtdwLpw
Static task
- static1

Behavioral task
- behavioral1
  - Sample: a9d8b0c4864b446bec6aa42fb89a53f3df431abf36e678dda594d07a30aae3f2.exe
  - Resource: win7-20220901-en

Behavioral task
- behavioral2
  - Sample: a9d8b0c4864b446bec6aa42fb89a53f3df431abf36e678dda594d07a30aae3f2.exe
  - Resource: win10v2004-20221111-en
Malware Config
- Extracted: redline
  - 1310
  - 79.137.192.57:48771
  - auth_value: feb5f5c29913f32658637e553762a40e
Targets
- Target: a9d8b0c4864b446bec6aa42fb89a53f3df431abf36e678dda594d07a30aae3f2
- Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of SetThreadContext