General
-
Target
d66061e11f941e77c914ce427585d7fbd6a58687c00449b533a6439b15076d75
-
Size
1.5MB
-
Sample
230103-gc8desde5z
-
MD5
eecabbaea447bde4abf070d0fcac1564
-
SHA1
74b5c6c9605bf71f2763b21e5dfd864a3b70bf33
-
SHA256
d66061e11f941e77c914ce427585d7fbd6a58687c00449b533a6439b15076d75
-
SHA512
4b63cd051967fcb33a1ae13270bfadf4a6adaa95a5be56dce0258f1ac9a9686b0a1960ecf5bebb60cce165e32f7b56d8bc213d800aa991bd6e6c9969859b91fc
-
SSDEEP
24576:b71YR9ep+TBP8AhBb1M/sEw1Me+BZ8G/KF0B8kdQJZerremgCjZ:q9epuNlhBhM/j7ByGyo8Zel
Static task
static1
Behavioral task
behavioral1
Sample
d66061e11f941e77c914ce427585d7fbd6a58687c00449b533a6439b15076d75.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
d66061e11f941e77c914ce427585d7fbd6a58687c00449b533a6439b15076d75.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
1310
79.137.192.57:48771
-
auth_value
feb5f5c29913f32658637e553762a40e
Targets
-
-
Target
d66061e11f941e77c914ce427585d7fbd6a58687c00449b533a6439b15076d75
-
Size
1.5MB
-
MD5
eecabbaea447bde4abf070d0fcac1564
-
SHA1
74b5c6c9605bf71f2763b21e5dfd864a3b70bf33
-
SHA256
d66061e11f941e77c914ce427585d7fbd6a58687c00449b533a6439b15076d75
-
SHA512
4b63cd051967fcb33a1ae13270bfadf4a6adaa95a5be56dce0258f1ac9a9686b0a1960ecf5bebb60cce165e32f7b56d8bc213d800aa991bd6e6c9969859b91fc
-
SSDEEP
24576:b71YR9ep+TBP8AhBb1M/sEw1Me+BZ8G/KF0B8kdQJZerremgCjZ:q9epuNlhBhM/j7ByGyo8Zel
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-