General
  Target: tmp
  Size: 896KB
  Sample: 230317-g4l99see84
  MD5: e01eed093c11df9172d1a70484e8f973
  SHA1: 6a9b4f44a5d2cdab4770811543963e66f09d97ec
  SHA256: a32d74feaebde8f218d02d99347983aa9b9be0ec85a4f409c5f210fbd3f861bb
  SHA512: 6a6a327210f5d35a307c1b9b66bf6e5b65b7cb2303e9126a5457a1be1ac708281cca0a4aea6d4b55e503e930a24213218271e261f80f5df4162be351317c8022
  SSDEEP: 12288:C4a2aC3D3Lfzn7PjXNWjCT3eOPRRlWXYtvp0OjGP91pCmOBgu50x3ecZ:HsjCT6u0tP/OBgu50x3ecZ
Static task: static1
Behavioral task: behavioral1
  Sample: tmp.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: tmp.exe
  Resource: win10v2004-20230220-en
Malware Config
Extracted
  Family: redline
  Botnet: MatyWon2
  C2: 85.31.54.216:43728
  auth_value: abc9e9d7ec3024110589ea03bcfaaa89
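The hashes and the extracted C2 endpoint above are the report's actionable indicators. The script below is an added example (not part of the sandbox report or any vendor tooling) that turns them into two checks a responder would run: verifying whether a file on disk is this exact sample, and scanning Zeek-style conn.log lines for connections to the RedLine C2. Only the digests and the host:port come from the report; the conn.log column layout, the log lines and the `hash_bytes`/`find_c2_hits` helpers are assumptions constructed for this example.

```python
"""IOC checks derived from the sandbox report (added example, not the
report's or any vendor's code). Only the hashes and the C2 endpoint are
taken from the report; everything else here is constructed."""
import hashlib

# Hashes of the submitted sample, copied from the report.
REPORT_HASHES = {
    "md5": "e01eed093c11df9172d1a70484e8f973",
    "sha1": "6a9b4f44a5d2cdab4770811543963e66f09d97ec",
    "sha256": "a32d74feaebde8f218d02d99347983aa9b9be0ec85a4f409c5f210fbd3f861bb",
    "sha512": "6a6a327210f5d35a307c1b9b66bf6e5b65b7cb2303e9126a5457a1be1ac70828"
              "1cca0a4aea6d4b55e503e930a24213218271e261f80f5df4162be351317c8022",
}

# Extracted redline config: C2 host and port.
C2_HOST, C2_PORT = "85.31.54.216", 43728


def hash_bytes(data):
    """Return md5/sha1/sha256/sha512 hex digests of an in-memory buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path):
    """Same digests for a file on disk, read in 1 MiB chunks."""
    digests = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in digests.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in digests.items()}


def matches_report(digests):
    """True only if every digest present in `digests` equals the report's.
    One mismatch means it is not this sample (or it has been modified);
    an empty dict is never a match."""
    shared = set(digests) & set(REPORT_HASHES)
    return bool(shared) and all(digests[k] == REPORT_HASHES[k] for k in shared)


def find_c2_hits(conn_lines):
    """Scan Zeek-style conn.log lines (tab separated: ts, uid, orig_h, orig_p,
    resp_h, resp_p, proto; this layout is an assumption for the example) and
    return (ts, orig_h) for every flow to the C2 host and port."""
    hits = []
    for line in conn_lines:
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 7:
            continue
        ts, _uid, orig_h, _orig_p, resp_h, resp_p, _proto = fields[:7]
        if resp_h == C2_HOST and resp_p == str(C2_PORT):
            hits.append((ts, orig_h))
    return hits


# Constructed conn.log excerpt: one benign flow, one beacon to the C2,
# one flow to the same host on a different port (not the C2 channel).
SAMPLE_CONN_LOG = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1679040001.10\tCabc1\t10.0.0.15\t52011\t142.250.74.78\t443\ttcp",
    "1679040007.42\tCabc2\t10.0.0.15\t52012\t85.31.54.216\t43728\ttcp",
    "1679040009.00\tCabc3\t10.0.0.22\t52013\t85.31.54.216\t53\tudp",
]

if __name__ == "__main__":
    print(matches_report(REPORT_HASHES))   # True: the report's own hashes
    print(find_c2_hits(SAMPLE_CONN_LOG))   # [('1679040007.42', '10.0.0.15')]
```

Matching the host and port together rather than the IP alone keeps a shared or re-used address from generating false hits; drop the port check only after confirming the C2 host is not also serving unrelated traffic.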
Targets
  Target: tmp
  Size: 896KB
  Hashes (MD5, SHA1, SHA256, SHA512, SSDEEP): identical to the submitted sample listed under General.
  Score: 10/10
Signatures
  RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  Suspicious use of SetThreadContext: SetThreadContext was called on a thread belonging to another process. Outside of debuggers this is how injected code is handed control, typically after the target was created suspended and overwritten (process hollowing), so it is a strong injection indicator.
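The SetThreadContext signature fires on a single API call; what makes it high-confidence is the surrounding sequence (child created with CREATE_SUSPENDED, memory written into it, thread context redirected, thread resumed). The following is an added example, not the sandbox's own signature logic, of detecting that sequence over an API trace. The trace line format (`pid=<n> api=<name> key=value ...`), the process IDs, the image name `host.exe` and the `detect_context_hijack` function are constructed assumptions for this example; the `CREATE_SUSPENDED` flag value (0x4) is the documented Win32 constant.

```python
"""Sequence detection for the 'Suspicious use of SetThreadContext'
behaviour (added example; not the sandbox's signature code). The trace
format and sample process IDs below are constructed for illustration."""
import re

CREATE_SUSPENDED = 0x00000004   # dwCreationFlags bit passed to CreateProcess*
_KV = re.compile(r"(\w+)=(\S+)")


def parse_call(line):
    """Turn 'pid=12 api=Foo a=b' into {'pid': '12', 'api': 'Foo', 'a': 'b'}."""
    return dict(_KV.findall(line))


def detect_context_hijack(trace_lines):
    """Return (parent_pid, child_pid, image) for every child process that was
    created suspended by the caller, written to, and then had SetThreadContext
    applied to one of its threads by that same caller.

    A SetThreadContext on a process the caller did not create suspended (the
    debugger case) is deliberately not flagged."""
    suspended = {}    # child pid -> (parent pid, image name)
    written = set()   # child pids that received a remote memory write
    hits = []
    for line in trace_lines:
        call = parse_call(line)
        api = call.get("api", "")
        pid = call.get("pid")
        if api.startswith("CreateProcess"):
            flags = int(call.get("flags", "0"), 16)
            if flags & CREATE_SUSPENDED and "child" in call:
                suspended[call["child"]] = (pid, call.get("image", "?"))
        elif api in ("WriteProcessMemory", "NtWriteVirtualMemory"):
            if call.get("target") in suspended:
                written.add(call["target"])
        elif api in ("SetThreadContext", "NtSetContextThread"):
            child = call.get("target")
            if child in suspended and child in written:
                parent, image = suspended[child]
                if parent == pid:
                    hits.append((parent, child, image))
    return hits


# Constructed trace: pid 4100 hollows a suspended child (pid 4188); pid 900
# is a debugger writing a register of a process it attached to, not created.
SAMPLE_TRACE = [
    "pid=4100 api=CreateProcessW image=host.exe flags=0x4 child=4188",
    "pid=4100 api=NtUnmapViewOfSection target=4188",
    "pid=4100 api=VirtualAllocEx target=4188 size=0x1a000 prot=0x40",
    "pid=4100 api=WriteProcessMemory target=4188 addr=0x400000 size=0x1a000",
    "pid=4100 api=SetThreadContext target=4188 tid=4192",
    "pid=4100 api=ResumeThread target=4188 tid=4192",
    "pid=900 api=DebugActiveProcess target=4000",
    "pid=900 api=GetThreadContext target=4000 tid=4004",
    "pid=900 api=SetThreadContext target=4000 tid=4004",
]

if __name__ == "__main__":
    for parent, child, image in detect_context_hijack(SAMPLE_TRACE):
        print(f"pid {parent} redirected a thread in suspended child {child} ({image})")
```

Requiring the create-suspended and the remote write before the context change is what separates hollowing from a debugger or a profiler that also calls SetThreadContext; a detection keyed on the single API would flag both.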