General
Target: Redline.rar
Size: 14.6MB
Sample: 230329-xz8kpshf24
MD5: 319528db2efe3c3c70f2055c2124cde0
SHA1: 65d0f7a4fadf37c31b36b3f7cc8a41aaa900a948
SHA256: d3a8158d46db1f8476fc7ebef93bd600fbda04bba4bdf9af280f8f9ed6ba1d62
SHA512: 4d6934a174ea25e345ea1ab271fe2ba13212f09d67f8237077c66563aaefa5fe2f6cf8943871f320cd3c57f2d72e107a59df898b3c2c15d8428c9b15f56b69c2
SSDEEP: 393216:PIqhkgQh8zMXpThNGO1o+F6vMSmR8+nVtck0j:gqARXhh1tF6vBmmjV
Behavioral task
behavioral1
Sample: Redline.rar
Resource: win10-20230220-en

Malware Config
Extracted
Family: redline
Botnet: cheat
C2: 141.255.156.206:35361
Targets
Target: Redline.rar
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger