General
Target: setup.exe
Size: 254KB
Sample: 230508-y7119sce97
MD5: f92872c7fa2fad2d46630f0b227140f3
SHA1: 6a75752d71b660be73f95d196961066cd43ba478
SHA256: 81b5d173f80f901298403f247e0d973d3a4b04cef695f0fb11c893dbaaa48882
SHA512: 0686239aafc4797f076b8381ee8e01f9bd63fd2978c2e88e8f8b7d3fd449d89fd263daa3a2672a9424792dffdb4c0a2f8edabd7bbd66ab72a189c38a6dac48a8
SSDEEP: 6144:Z3BWucNjDaf62dFE44anw4dlBDDgxG8RfofqD:Z38uyj662r2v4z+NRQfy
Static task: static1
Behavioral task: behavioral1
  Sample: setup.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: setup.exe
  Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
install
65.109.31.189:27598
auth_value: 639643bb5bea0bee4cf2206de24c57db
Targets
Target: setup.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Suspicious use of SetThreadContext