General
Target: d58258962b6f6c073ed020f35133bb97dd11a7eb3bd6b803e685e6079cc1b3fa
Size: 736KB
Sample: 230605-1es63abd9t
MD5: df8f65501622e0bf9d9be25ef84b9e1d
SHA1: df97ba05c7948b060cb50eba2d7665f577803f55
SHA256: d58258962b6f6c073ed020f35133bb97dd11a7eb3bd6b803e685e6079cc1b3fa
SHA512: 7324b4dabf775cadca75dec3a664adcacc6ef07a6f00f6d06b7ddeb463ce0fcab1ad55e81cad0fcb84b98a16a146919eeda832378d682becfdc30ddb3374457b
SSDEEP: 12288:gMrgy90S8auBiyKxjsvb7mprYX0twiqoGUuSMhiBSXkNIFDmGHMXHWBx:wy2jhKkber2mwHvOMCl8
Static task: static1
Behavioral task: behavioral1
Sample: d58258962b6f6c073ed020f35133bb97dd11a7eb3bd6b803e685e6079cc1b3fa.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
Family: redline
Botnet: maxi
C2: 83.97.73.126:19048
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
Target: d58258962b6f6c073ed020f35133bb97dd11a7eb3bd6b803e685e6079cc1b3fa (same file as in the General section; size and hashes identical)
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext