General

Target: 9b1569eac6f413200d97c3f56625ee3a3de4a0d30e6bd322ea1dea7fa2067da6
Size: 736KB
Sample: 230605-z756naah53
MD5: 97cbd866913097c68d121dc939652d4e
SHA1: 4398879bf06b91351a09690ed7f92ff1d374ee50
SHA256: 9b1569eac6f413200d97c3f56625ee3a3de4a0d30e6bd322ea1dea7fa2067da6
SHA512: 448bc2f38d8f91e0bb7cab58661895bafc71563ef5586f3a2a09909d95e1dafbc0ba73581382ef28acbc1449b6de7204b54193ba3d7292b7d1b9eb0ce3f736af
SSDEEP: 12288:rMrdy907QXzRJ3CPsBO89H4ytfvhthxoEzgbow1nx9ecc7k:SyHPksBOUH4yiEVwX9+7k

Static task: static1
Behavioral task: behavioral1
Sample: 9b1569eac6f413200d97c3f56625ee3a3de4a0d30e6bd322ea1dea7fa2067da6.exe
Resource: win10v2004-20230220-en

Malware Config

Extracted
redline
maxi
83.97.73.126:19048
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets

Target: 9b1569eac6f413200d97c3f56625ee3a3de4a0d30e6bd322ea1dea7fa2067da6
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext