General
Target
a51724213693fe0e8a39b388b28211d4be2c7e6d794459e7a6f0b23b4907e425
Size
735KB
Sample
230606-e1e1nsca34
MD5
a51c02b762b1b9550a7347214c8ac876
SHA1
79c76af61c5f33e949f0a60be23441aaeb95f035
SHA256
a51724213693fe0e8a39b388b28211d4be2c7e6d794459e7a6f0b23b4907e425
SHA512
e78db4bbe2c4e8370a159df1c2050b63b2ff83aa1d7f88294f9289132ae4f78d8c1797dc102b9fbeaf11df0b33d8743c5a9179deb07d7f4feaa36c91cd91c08c
SSDEEP
12288:XMrjy90DXyur4aThTySrvZqBDDAS/KZXR2CRYiR55UuVTAHLk9cJv0g+8JEYRtS:cyALkWvZGnASoXR2CRY45UVHLmcJMCEx
Static task
static1
Behavioral task
behavioral1
Sample
a51724213693fe0e8a39b388b28211d4be2c7e6d794459e7a6f0b23b4907e425.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
maxi
83.97.73.126:19048
auth_value
6a3f22e5f4209b056a3fd330dc71956a
Targets
Target
a51724213693fe0e8a39b388b28211d4be2c7e6d794459e7a6f0b23b4907e425
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext