General
Target: 00bb6358e0df84ccee85b3fbb8984f08a85d01363b472534c78b5234f90775c6
Size: 688KB
Sample: 230428-wdl9xahd71
MD5: 7bd4712661150c741269655fffa840f2
SHA1: 041bbe3383cdd57a7647e918cda230d23ae4cda7
SHA256: 00bb6358e0df84ccee85b3fbb8984f08a85d01363b472534c78b5234f90775c6
SHA512: 2805706b811ddde80a8b34161cd13acf063eb2f07e59ab68c99f227fb8ba14c9351084ae5634df600a6163ed09469fe8f8e8fb73283883af602df89fc1e8f370
SSDEEP: 12288:K2IGs8HzgsEyDjWWnbBArxfNXCuEHQZmcryznhD5+dGY:KEHZG9ncyAhDgl
Static task: static1
Behavioral task: behavioral1
Sample: 00bb6358e0df84ccee85b3fbb8984f08a85d01363b472534c78b5234f90775c6.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 00bb6358e0df84ccee85b3fbb8984f08a85d01363b472534c78b5234f90775c6.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
whnt
peusharner.xyz:80
Targets
Target: 00bb6358e0df84ccee85b3fbb8984f08a85d01363b472534c78b5234f90775c6
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext