General
Target: 9c18ac82f0be2291427ca35f78125995.exe
Size: 735KB
Sample: 230606-cp6cdacc51
MD5: 9c18ac82f0be2291427ca35f78125995
SHA1: 60a28ac36ba8a172270aa04d2489bc9473388c86
SHA256: 6188e5f8b617ea28c133767f61549ee8e8e279348c62b13a59676e5858692a8f
SHA512: e8795fbcdb04d422bd1c65e8367bc2b35394d167ace974feab53ca3914387e10d4b1deee5cac040d8de90c4c5770c82cd1e2da6e03ba83477125bada0dc01b2b
SSDEEP: 12288:5MrKy90x1M2I2AfcEvXfwh6RaSxNtXZisBaeoo7Fl2F1tmvHEcMDVMviceir4Mnh:LyeI1XMMN0xo7FI1okcMpM+wFnXIk
Tasks
Static task: static1
Behavioral task: behavioral1 (sample 9c18ac82f0be2291427ca35f78125995.exe, resource win7-20230220-en)
Behavioral task: behavioral2 (sample 9c18ac82f0be2291427ca35f78125995.exe, resource win10v2004-20230220-en)
Malware Config
Extracted
Family: redline
Botnet: maxi
C2: 83.97.73.126:19048
auth_value: 6a3f22e5f4209b056a3fd330dc71956a (build-specific token the client presents to the C2 panel; usable as a string indicator for this build alongside the C2 address)
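The extracted config and the file hashes above are the actionable part of this report. The following script, added here as an example and not part of the sandbox output, shows two checks a responder would run with them: confirming that a sample on hand is the same file that was analysed (all four digests must agree before reusing the IOCs), and sweeping connection records for the reported C2, distinguishing an exact host:port match from traffic to the same host on another port. The connection-log format and the log lines are constructed for the example; the hashes and C2 are copied from the report.

```python
"""Checks built from the RedLine config and hashes in this report.

Example code added to the page; not produced by the sandbox or the malware author.
"""
import hashlib
import re

# Values copied from the report above.
REPORT_HASHES = {
    "md5": "9c18ac82f0be2291427ca35f78125995",
    "sha1": "60a28ac36ba8a172270aa04d2489bc9473388c86",
    "sha256": "6188e5f8b617ea28c133767f61549ee8e8e279348c62b13a59676e5858692a8f",
    "sha512": "e8795fbcdb04d422bd1c65e8367bc2b35394d167ace974feab53ca3914387e10d4b1deee5cac040d8de90c4c5770c82cd1e2da6e03ba83477125bada0dc01b2b",
}
C2_HOST = "83.97.73.126"
C2_PORT = 19048


def hash_bytes(data):
    """Compute MD5/SHA1/SHA256/SHA512 of an in-memory buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path):
    """Compute all four digests of a file in a single pass over its bytes."""
    digests = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def matches_report(hashes):
    """Per-algorithm comparison with the report's values.

    Every algorithm must agree. A single mismatch means the local file is not
    the analysed sample (or a digest was copied wrongly), so its config and
    C2 should not be assumed to apply.
    """
    return {name: hashes.get(name, "").lower() == value
            for name, value in REPORT_HASHES.items()}


# Constructed connection records (not real traffic). Assumed format:
# "<timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
SAMPLE_CONN_LOG = """\
2023-06-06T02:41:07Z 10.20.30.41:51422 -> 203.0.113.5:443 tcp
2023-06-06T02:41:12Z 10.20.30.41:51431 -> 83.97.73.126:19048 tcp
2023-06-06T02:41:12Z 10.20.30.17:60012 -> 83.97.73.126:443 tcp
2023-06-06T02:46:13Z 10.20.30.41:51502 -> 83.97.73.126:19048 tcp
"""

CONN_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+):\d+\s+->\s+(?P<dst>\S+):(?P<dport>\d+)\s+\w+$"
)


def find_c2_hits(log_text, host=C2_HOST, port=C2_PORT):
    """Return (timestamp, source_ip, exact_match) for each record to the C2 host.

    exact_match is True when the destination port also equals the extracted
    config's port. A hit on the host alone (other port) points at the same
    infrastructure but is weaker evidence of this particular build.
    """
    hits = []
    for line in log_text.splitlines():
        m = CONN_RE.match(line)
        if not m or m.group("dst") != host:
            continue
        hits.append((m.group("ts"), m.group("src"), int(m.group("dport")) == port))
    return hits


if __name__ == "__main__":
    for ts, src, exact in find_c2_hits(SAMPLE_CONN_LOG):
        print(f"{ts} {src} -> {C2_HOST} {'C2 port match' if exact else 'host only'}")
```

Run `hash_file()` against the local copy and feed the result to `matches_report()` before acting on the C2; the `find_c2_hits()` sweep is only meaningful for log data from the period when 83.97.73.126 was serving this panel, since commodity stealer C2s are rehosted frequently.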
Targets
Target: 9c18ac82f0be2291427ca35f78125995.exe (735KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)
Score: 10/10
Signatures
- RedLine: RedLine Stealer is a commodity information-stealing malware family written in C#, first seen in early 2020; the extracted config above identifies this sample's build and C2.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application (persistence through a registry Run key)
- Suspicious use of SetThreadContext (a call pattern characteristic of process hollowing, where a payload is written into a suspended process and its thread redirected to it)