General
Target: 3a4eea2f85cbd5b3e64f300995cd73fe49c8f87ebd04390f9e7bfd255e530208
Size: 734KB
Sample: 230605-yw56vabb9z
MD5: 9a6580b46ca50ce4131cb918ac997add
SHA1: 5e5ce44dfa36452470e70550d7236c7f099fd8c4
SHA256: 3a4eea2f85cbd5b3e64f300995cd73fe49c8f87ebd04390f9e7bfd255e530208
SHA512: 4741fef9ce323bb08cb469a8f07f3e883173a44ce88c96021668e491b919743aabf4022d65aa95ffbb081729ab1df5b280b618981b6e9e307ddd466343db26b6
SSDEEP: 12288:AMryy90/R5FGwpJwfk49FrWMal5ZaWPMYdjX3A9FB6R5EbVFMrLXnPqz6WMJ8am4:iyM8gwfr9JilyWP5XQFkARFMHPqvMJ8O
Static task: static1
Behavioral task: behavioral1
Sample: 3a4eea2f85cbd5b3e64f300995cd73fe49c8f87ebd04390f9e7bfd255e530208.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
Family: redline
Botnet: maxi
C2: 83.97.73.126:19048
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
Target: 3a4eea2f85cbd5b3e64f300995cd73fe49c8f87ebd04390f9e7bfd255e530208
Score: 10/10
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext