General
-
Target
2e6f8546a5d18f6199355eae0997aab4a47a3ae0ec4177c171a31cfcb49b69f6
-
Size
730KB
-
Sample
230606-fblmlacf3w
-
MD5
75515bf34e0199bc0e105762182c554b
-
SHA1
50d6c2caf69d60325891f86ddd5b15b410bc771e
-
SHA256
2e6f8546a5d18f6199355eae0997aab4a47a3ae0ec4177c171a31cfcb49b69f6
-
SHA512
61e6945e0a7d5a446a9e68e89e60e0971c1249659ef5697b3e2da6490cb898e8d42396597affb59e8bf2c30a8befdb354d950d771971a53147ba592d8bf0e1f2
-
SSDEEP
12288:5Mrgy90Jrz2zj/KAm+Kh8LtqxpypyWUKdDoY+TgBpZMt+P2W:tyOP2zj/DFLAxp8yfUugBh2W
Static task
static1
Behavioral task
behavioral1
Sample
2e6f8546a5d18f6199355eae0997aab4a47a3ae0ec4177c171a31cfcb49b69f6.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
maxi
83.97.73.126:19048
-
auth_value
6a3f22e5f4209b056a3fd330dc71956a
Targets
-
-
Target
2e6f8546a5d18f6199355eae0997aab4a47a3ae0ec4177c171a31cfcb49b69f6
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-