General
Target: e19bc44c516509be37c495a81e8aabfb7ceafd296712813483e75b0203b1c74e
Size: 735KB
Sample: 230605-zcfyaabc8z
MD5: b59db67651d5182ece61114b8500c91f
SHA1: f0ee5e660531dc1c758e48ee0276af90025c747e
SHA256: e19bc44c516509be37c495a81e8aabfb7ceafd296712813483e75b0203b1c74e
SHA512: 95e175727b503f1b337988b15aa480c50db918628dbd5fe2a7eeee628b8a1fc7b7189419e2834df3a7cb0237cf1fb2a3135f1e2148d3d9351b63c7a7d8e08add
SSDEEP: 12288:/Mr6y906E4CN4zNJosz2+vS9da1IXdfbZYub2I4BqQ6jcYhjBt89n:xya4s8o02+vHItBypBB++

Static task: static1
Behavioral task: behavioral1
Sample: e19bc44c516509be37c495a81e8aabfb7ceafd296712813483e75b0203b1c74e.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
Family: redline
Botnet: maxi
C2: 83.97.73.126:19048
Attributes
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
Target: e19bc44c516509be37c495a81e8aabfb7ceafd296712813483e75b0203b1c74e
Size: 735KB
MD5, SHA1, SHA256, SHA512, SSDEEP: identical to the values listed under General above
Score: 10/10
Signatures
RedLine: RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.
Executes dropped EXE: a file written by the sample during the run was subsequently executed.
Adds Run key to start application: persistence via a value under ...\Software\Microsoft\Windows\CurrentVersion\Run.
Suspicious use of SetThreadContext: thread-context manipulation of the kind used for process hollowing and code injection.
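The extracted configuration (C2 endpoint, auth_value) and the behavioural signatures above are this report's concrete, reusable indicators. What follows is an added example, not code from the sandbox or from this page, that turns them into triage rules and runs them over a constructed stream of Sysmon-style events (EventID 1 process create, 3 network connect, 11 file create, 13 registry value set). The C2 host/port and the file hashes are the ones listed above; every path, SID and benign event in the stream is made up for the demonstration. "Suspicious use of SetThreadContext" is an API-level observation from the sandbox's hooks that endpoint telemetry such as Sysmon does not record directly, so it deliberately has no rule here.

```python
"""Triage rules built from the indicators and behaviours in this report.

Added example, not sandbox code. Events are dicts in the Sysmon field style
and are constructed below; only the C2 endpoint and hashes come from the report.
"""
import re
from dataclasses import dataclass

# Indicators copied from the report above.
C2_HOST, C2_PORT = "83.97.73.126", 19048
SAMPLE_HASHES = {
    "MD5": "b59db67651d5182ece61114b8500c91f",
    "SHA1": "f0ee5e660531dc1c758e48ee0276af90025c747e",
    "SHA256": "e19bc44c516509be37c495a81e8aabfb7ceafd296712813483e75b0203b1c74e",
}
# Matches HKLM/HKU ...\CurrentVersion\Run\<value> and RunOnce\<value>.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)


@dataclass(frozen=True)
class Hit:
    rule: str
    event_id: int
    detail: str


def parse_hashes(field_value: str) -> dict:
    """Parse a Sysmon 'Hashes' field ('MD5=..,SHA256=..') into {ALGO: lowercase hex}."""
    out = {}
    for part in field_value.split(","):
        if "=" in part:
            algo, value = part.split("=", 1)
            out[algo.strip().upper()] = value.strip().lower()
    return out


def triage(events: list) -> list:
    """Run four rules over an ordered event stream and return the Hits.

    'executes_dropped_exe' is stateful: an EventID 1 whose Image equals the
    TargetFilename of an earlier EventID 11 in the same stream.
    """
    hits = []
    dropped = set()  # lower-cased .exe paths written by any process so far
    for ev in events:
        eid = ev.get("EventID")
        image = ev.get("Image", "")
        if eid == 11 and ev.get("TargetFilename", "").lower().endswith(".exe"):
            dropped.add(ev["TargetFilename"].lower())
        elif eid == 1:
            seen = parse_hashes(ev.get("Hashes", ""))
            for algo, value in SAMPLE_HASHES.items():
                if seen.get(algo) == value:
                    hits.append(Hit("known_sample_hash", eid, f"{algo} matches {image}"))
                    break  # one hash hit per process is enough
            if image.lower() in dropped:
                hits.append(Hit("executes_dropped_exe", eid, image))
        elif eid == 3:
            if ev.get("DestinationIp") == C2_HOST and int(ev.get("DestinationPort", 0)) == C2_PORT:
                hits.append(Hit("redline_c2_connect", eid, f"{image} -> {C2_HOST}:{C2_PORT}"))
        elif eid == 13 and RUN_KEY_RE.search(ev.get("TargetObject", "")):
            hits.append(Hit("run_key_persistence", eid, f"{ev['TargetObject']} = {ev.get('Details', '')}"))
    return hits


# Constructed events: hypothetical paths and SID, not taken from the sandbox run.
SAMPLE = r"C:\Users\victim\Downloads\e19bc44c516509be37c495a81e8aabfb7ceafd296712813483e75b0203b1c74e.exe"
DROPPED = r"C:\Users\victim\AppData\Local\Temp\update.exe"
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": SAMPLE,
     "Hashes": f"MD5={SAMPLE_HASHES['MD5']},SHA256={SAMPLE_HASHES['SHA256']}"},
    {"EventID": 11, "Image": SAMPLE, "TargetFilename": DROPPED},
    {"EventID": 1, "Image": DROPPED, "ParentImage": SAMPLE,
     "Hashes": "SHA256=" + "0" * 64},  # a different, unknown binary
    {"EventID": 13, "Image": SAMPLE, "EventType": "SetValue",
     "TargetObject": r"HKU\S-1-5-21-1-1-1-1001\Software\Microsoft\Windows\CurrentVersion\Run\update",
     "Details": DROPPED},
    {"EventID": 3, "Image": DROPPED, "DestinationIp": C2_HOST, "DestinationPort": C2_PORT},
    {"EventID": 3, "Image": r"C:\Windows\System32\svchost.exe",
     "DestinationIp": "10.0.0.5", "DestinationPort": 443},  # benign, must not fire
    {"EventID": 13, "Image": r"C:\Windows\System32\services.exe", "EventType": "SetValue",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\BITS\Start",
     "Details": "DWORD (0x00000003)"},  # benign registry write outside Run
]

if __name__ == "__main__":
    for h in triage(SAMPLE_EVENTS):
        print(f"[{h.rule}] EventID {h.event_id}: {h.detail}")
```

Run as-is, the stream produces exactly one hit per rule: the hash match on the original sample, the dropped update.exe being executed, the Run value pointing at it, and the connection to 83.97.73.126:19048. The two benign events produce nothing. Feed `triage()` real Sysmon records (EventID plus the listed fields) to hunt for this sample; the hash and C2 rules are specific to it, while the Run-key and dropped-EXE rules are generic behaviour and will also fire on other software, so treat those two as context rather than verdicts.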