General
-
Target
9e9f78c11d98add9862c8931b4dccd231d983e2500c6c4730a8f66406ad4700a
-
Size
675KB
-
Sample
230129-xmfddsbe4s
-
MD5
0b010d126dd498b74a84fd12a78a5d9f
-
SHA1
d8c3f2111812f908a186e0b96049bcf482446625
-
SHA256
9e9f78c11d98add9862c8931b4dccd231d983e2500c6c4730a8f66406ad4700a
-
SHA512
4b089805bf0c11d1b711d6f088f251eb86d71b62611437e75c06e74eb9caa4fe6906f6f0a7f20e25f64d87a078fbb5691d083630fdb82ad3251ac46a4850deba
-
SSDEEP
12288:SX+oASeSGEICzkHKYz4WeImE8C2Gu+6WG:qsCKn1zu+
Static task
static1
Behavioral task
behavioral1
Sample
9e9f78c11d98add9862c8931b4dccd231d983e2500c6c4730a8f66406ad4700a.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
9e9f78c11d98add9862c8931b4dccd231d983e2500c6c4730a8f66406ad4700a.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
redline
Adan Tylor
91.211.251.112:3214
Targets
-
-
Target
9e9f78c11d98add9862c8931b4dccd231d983e2500c6c4730a8f66406ad4700a
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-