General
Target: 0f9234052fb917566646a172326c46b0c4c55e4de5e8e8e0435452dc2aa8859d.exe
Size: 361KB
Sample: 230405-m5vwpadf74
MD5: 401e0f6386734e34132480cd471e129c
SHA1: 53812d392907a0b3583b62e849e80b3498c37092
SHA256: 0f9234052fb917566646a172326c46b0c4c55e4de5e8e8e0435452dc2aa8859d
SHA512: ac2e5ad8f82e01c3bea3d9e47dc11b0265d5d03b7875c0a3f3edf76c6ff060a98f2ca9c655cef8ddccc3b7cd3de676cc7aedc270a887f822fd6c7ec1bae5f5d7
SSDEEP: 6144:yYNzvLnjAwAgwobtV2s7cfi58CRYKB2jt/Y/ryL0JpPixWAixWAixWAixWAi4f3j:ywyAV2VKZPBsg+L0JpPixWAixWAixWAC
Static task: static1
Behavioral task: behavioral1
Sample: 0f9234052fb917566646a172326c46b0c4c55e4de5e8e8e0435452dc2aa8859d.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 0f9234052fb917566646a172326c46b0c4c55e4de5e8e8e0435452dc2aa8859d.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
@qkies_new
185.106.93.132:800
auth_value: aa79a3e21b835d99b68bdcd94f0b0962
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Suspicious use of SetThreadContext