General
-
Target
0c53a042d0d38393f870fc0bc79f5a88baec0f79ddd32fc23d523c536e9265d0.exe
-
Size
266KB
-
Sample
230405-m5kqqaff3y
-
MD5
f0370756c2a43d71769b05c9888596a2
-
SHA1
55490de87c0505a678cc1f254489306d04f280ef
-
SHA256
0c53a042d0d38393f870fc0bc79f5a88baec0f79ddd32fc23d523c536e9265d0
-
SHA512
2c969cc5423f45b592ba8acd06cbb3770a38afcba6fe0fd4b16633e4f0093bc029a0f7a6ec2b6e4ebbe6166df84fa09f79c035eeebee4b6cb6e265c75d8eb02c
-
SSDEEP
6144:rPuZRcAJia/tnkxWZyUHS3uaeDyC8UCXiH9wy:rPuDcA9FkUgUHS3u5yJr0
Static task
static1
Behavioral task
behavioral1
Sample
0c53a042d0d38393f870fc0bc79f5a88baec0f79ddd32fc23d523c536e9265d0.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
0c53a042d0d38393f870fc0bc79f5a88baec0f79ddd32fc23d523c536e9265d0.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
yt
137.74.157.83:36657
-
auth_value
f34f51f9f38c0325b6757c6c89e24d40
Targets
-
-
Target
0c53a042d0d38393f870fc0bc79f5a88baec0f79ddd32fc23d523c536e9265d0.exe
-
Size
266KB
-
MD5
f0370756c2a43d71769b05c9888596a2
-
SHA1
55490de87c0505a678cc1f254489306d04f280ef
-
SHA256
0c53a042d0d38393f870fc0bc79f5a88baec0f79ddd32fc23d523c536e9265d0
-
SHA512
2c969cc5423f45b592ba8acd06cbb3770a38afcba6fe0fd4b16633e4f0093bc029a0f7a6ec2b6e4ebbe6166df84fa09f79c035eeebee4b6cb6e265c75d8eb02c
-
SSDEEP
6144:rPuZRcAJia/tnkxWZyUHS3uaeDyC8UCXiH9wy:rPuDcA9FkUgUHS3u5yJr0
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Suspicious use of SetThreadContext
-