General

Target: LauncherSU.exe
Size: 4.6MB
Sample: 230405-p1wnjagf9y
MD5: 1ae71d2a00c2781136f0d041617131ad
SHA1: ac45f06da190a8fbf7e5f4e9f7d9afdd941e7df6
SHA256: 7b483b575f88d063ec7d84405be25d5d29579133e9951e5f7b5e2b0d9632472f
SHA512: 597ddab8dafc57121ac7b24f4517ae6c2bed20ff4563acfedb0c5f074188f1cae289d1a31a4b76ebd6ce14eeba5d309de1f79a26cf15e08eb93469989c640d91
SSDEEP: 98304:P2fwb4rsly4guky5c4l0SsNL8eHNLqC0w9e+Zl/As4gXdu:swEsYM5OSsgAb/AVgX4
Tasks

Static task: static1
Behavioral task: behavioral1 (Sample: LauncherSU.exe, Resource: win7-20230220-en)
Behavioral task: behavioral2 (Sample: LauncherSU.exe, Resource: win10v2004-20230220-en)
Malware Config (extracted)

Family: redline
Botnet ID: @OxPhOenix
C2: 77.220.212.176:35752
Targets

Target: LauncherSU.exe
Size: 4.6MB
Score: 10/10
Family: RedLine

RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures

RedLine payload
SectopRAT payload
Executes dropped EXE
Loads dropped DLL
Suspicious use of NtSetInformationThreadHideFromDebugger