General
Target: 6c1d2239286fca6747797c6fb69f6f2fa0ebd5ef6bfe45d462b803bf9d6fc094
Size: 736KB
Sample: 230606-e55rwsca45
MD5: 6e52587bf938d0e17a7c8a348ba17add
SHA1: eadcdea094a50f23b3c58009b589487c2bb9c651
SHA256: 6c1d2239286fca6747797c6fb69f6f2fa0ebd5ef6bfe45d462b803bf9d6fc094
SHA512: d5f51db624649976c76f0d380e0c254bcc44fa3e73c7ee934ee9ef48310cc5b1d65651d945e9295a32fe15134646a6911d8d30f24d00525481d4d1e87f380a68
SSDEEP: 12288:wMrwy90IkrhgHqJh3avllMswqivXpsdO4OZaEE4Q9EXz4JbTdTipwz9u1B:Qyjk/ZkMsw3scZm4E+GfdupGm
Static task: static1
Behavioral task: behavioral1
Sample: 6c1d2239286fca6747797c6fb69f6f2fa0ebd5ef6bfe45d462b803bf9d6fc094.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
maxi
83.97.73.126:19048
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
Target: 6c1d2239286fca6747797c6fb69f6f2fa0ebd5ef6bfe45d462b803bf9d6fc094
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext