General

Target: ad97962cf21b019a9d5a154c3b497a2aebf15786ed51565372938d969cb7694e
Size: 734KB
Sample: 230606-evc9wsbh98
MD5: 9efcf13c473aa0a1a0d6f559703bb54b
SHA1: 2e3cc4a24e9566188dbb4201484d15ca1aaeee4c
SHA256: ad97962cf21b019a9d5a154c3b497a2aebf15786ed51565372938d969cb7694e
SHA512: 1a7d1d07049eca32c2c106e66302aeba27c6002e4db604f16a18abd4b5f9fbabcf81d535fd031596600253f6f6d9d847778e4001cf37c30ef9f2f534563e0da6
SSDEEP: 12288:TMrYy90fXmKlDFiMdFD8mUdKxDaf+RFdVoG4Ld4FYrEqjHkUjHD2/YUwjfEun:Dy4PZpbDIdOlDVC54FWhHrUwXn
Static task: static1

Behavioral task: behavioral1
Sample: ad97962cf21b019a9d5a154c3b497a2aebf15786ed51565372938d969cb7694e.exe
Resource: win10v2004-20230220-en
Malware Config

Extracted
Family: redline
Botnet: maxi
C2: 83.97.73.126:19048
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets

Target: ad97962cf21b019a9d5a154c3b497a2aebf15786ed51565372938d969cb7694e
Score: 10/10

RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.
Signatures
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext
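As an added example (not part of this report, and not Triage's own detection logic or code from the sample), the following Python re-implements the three behavioural signatures listed above plus a check for the C2 extracted from the config, and runs them over a constructed API trace. The event shape (api/pid/argument dicts), the process IDs, the dropped-file path, the hollowing target and the benign control events are all made up for the illustration; only the C2 host and port come from the report.

```python
"""Stand-alone re-implementation of the behavioural signatures in the report
plus a check for the extracted C2, run over a constructed API trace.
Added example: not Triage's code and not code from the analysed sample."""
from collections import defaultdict

# Indicator copied from the extracted RedLine config above.
C2_HOST, C2_PORT = "83.97.73.126", 19048

# Persistence keys covered by "Adds Run key to start application".
RUN_KEYS = ("\\software\\microsoft\\windows\\currentversion\\run",
            "\\software\\microsoft\\windows\\currentversion\\runonce")
CREATE_SUSPENDED = 0x00000004
# After a CREATE_SUSPENDED CreateProcess on the same child, this call order is
# what makes SetThreadContext suspicious: overwrite the image, redirect the
# entry point, resume (RunPE / process hollowing).
HOLLOW_SEQUENCE = ("WriteProcessMemory", "SetThreadContext", "ResumeThread")

SIGNATURES = ("Executes dropped EXE", "Adds Run key to start application",
              "Suspicious use of SetThreadContext", "Connects to extracted RedLine C2")


def _is_run_key(key):
    k = key.lower().rstrip("\\")
    return any(k.endswith(r) for r in RUN_KEYS)


def detect(events):
    """events: list of dicts {"api": call name, "pid": caller pid, ...args}
    (constructed, sandbox-trace-like shape). Returns {signature: [evidence]}."""
    hits = defaultdict(list)
    dropped = set()      # lower-cased paths of .exe files written by the trace
    suspended = {}       # child pid -> [image, next index into HOLLOW_SEQUENCE]

    for ev in events:
        api, pid = ev["api"], ev["pid"]
        if api == "WriteFile" and ev["path"].lower().endswith(".exe"):
            dropped.add(ev["path"].lower())
        elif api == "CreateProcess":
            if ev["image"].lower() in dropped:
                hits[SIGNATURES[0]].append(f"pid {pid} started {ev['image']}")
            if ev.get("flags", 0) & CREATE_SUSPENDED:
                suspended[ev["new_pid"]] = [ev["image"], 0]
        elif api == "RegSetValueEx" and _is_run_key(ev["key"]):
            hits[SIGNATURES[1]].append(f"{ev['key']}\\{ev['value']} = {ev['data']}")
        elif api in HOLLOW_SEQUENCE and ev.get("target_pid") in suspended:
            state = suspended[ev["target_pid"]]
            if HOLLOW_SEQUENCE[state[1]] == api:   # repeated writes do not advance
                state[1] += 1
                if state[1] == len(HOLLOW_SEQUENCE):
                    hits[SIGNATURES[2]].append(
                        f"pid {pid} hollowed pid {ev['target_pid']} ({state[0]})")
                    del suspended[ev["target_pid"]]
        elif api == "connect" and (ev["ip"], ev["port"]) == (C2_HOST, C2_PORT):
            hits[SIGNATURES[3]].append(f"pid {pid} -> {ev['ip']}:{ev['port']}")
    return dict(hits)


def matches_report(hits):
    """True when every signature from the report (and the C2 contact) fired."""
    return all(sig in hits for sig in SIGNATURES)


# Constructed trace mirroring the report's behaviours (paths and pids made up).
SAMPLE_TRACE = [
    {"api": "WriteFile", "pid": 1000, "path": r"C:\Users\victim\AppData\Local\Temp\x7u2.exe"},
    {"api": "CreateProcess", "pid": 1000, "image": r"C:\Users\victim\AppData\Local\Temp\x7u2.exe",
     "flags": 0, "new_pid": 1200},
    {"api": "RegSetValueEx", "pid": 1200, "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "x7u2", "data": r"C:\Users\victim\AppData\Local\Temp\x7u2.exe"},
    {"api": "CreateProcess", "pid": 1200, "image": r"C:\Windows\System32\notepad.exe",
     "flags": CREATE_SUSPENDED, "new_pid": 1300},
    {"api": "WriteProcessMemory", "pid": 1200, "target_pid": 1300},
    {"api": "WriteProcessMemory", "pid": 1200, "target_pid": 1300},
    {"api": "SetThreadContext", "pid": 1200, "target_pid": 1300},
    {"api": "ResumeThread", "pid": 1200, "target_pid": 1300},
    {"api": "connect", "pid": 1300, "ip": C2_HOST, "port": C2_PORT},
]
# Constructed benign trace: a process touching its own thread context, a text
# file write and an unrelated HTTPS connection trigger nothing.
BENIGN_TRACE = [
    {"api": "WriteFile", "pid": 500, "path": r"C:\Users\victim\notes.txt"},
    {"api": "SetThreadContext", "pid": 500, "target_pid": 500},
    {"api": "connect", "pid": 500, "ip": "198.51.100.7", "port": 443},
]

if __name__ == "__main__":
    result = detect(SAMPLE_TRACE)
    for sig, evidence in result.items():
        print(f"[+] {sig}: {evidence}")
    print("matches report:", matches_report(result))
```

Run-key persistence and executing a dropped EXE are also ordinary installer behaviours, so on their own they are weak evidence; the hollowing state machine is stronger because it requires the suspended create, write, SetThreadContext and resume to land on the same child. What ties this sample to RedLine is the extracted config (family, botnet tag, C2), which is why the C2 check is included alongside the behavioural signatures.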