General
Target: 5ed3ad1411adc0f83fe4eb87d5e2a59df51c6be99250dbe1590567caa6fb624a
Size: 736KB
Sample: 230606-ff4zqsca85
MD5: baad10f3b2b4ce0b7224e18f30e328a4
SHA1: 1a8da4f28a7daadd186344ec2056169627eac721
SHA256: 5ed3ad1411adc0f83fe4eb87d5e2a59df51c6be99250dbe1590567caa6fb624a
SHA512: 1d9a1df9b08ec308036f844f4f74cb570cfbaad4a3255044f468b5dd73bc239400bb9ccd144adec6db5c750dd0683f3bea544f3d2abee8929c6321a671090508
SSDEEP: 12288:AMrdy90UuIGtTLZnLZNjinYt+74GWrUK8ZwMYY6P4GLjfLyV:Ny+9LZFNjiY+ZTDGvLyV
Static task: static1
Behavioral task: behavioral1
Sample: 5ed3ad1411adc0f83fe4eb87d5e2a59df51c6be99250dbe1590567caa6fb624a.exe
Resource: win10v2004-20230220-en
Malware Config (extracted)
Family: redline
Botnet: maxi
C2: 83.97.73.126:19048
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
Target: 5ed3ad1411adc0f83fe4eb87d5e2a59df51c6be99250dbe1590567caa6fb624a
Size: 736KB
MD5: baad10f3b2b4ce0b7224e18f30e328a4
SHA1: 1a8da4f28a7daadd186344ec2056169627eac721
SHA256: 5ed3ad1411adc0f83fe4eb87d5e2a59df51c6be99250dbe1590567caa6fb624a
SHA512: 1d9a1df9b08ec308036f844f4f74cb570cfbaad4a3255044f468b5dd73bc239400bb9ccd144adec6db5c750dd0683f3bea544f3d2abee8929c6321a671090508
SSDEEP: 12288:AMrdy90UuIGtTLZnLZNjinYt+74GWrUK8ZwMYY6P4GLjfLyV:Ny+9LZFNjiY+ZTDGvLyV
Score: 10/10
Family: RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext
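The extracted configuration and the behavioural signatures above are the parts of this report a responder would turn into detection logic. The script below is an added example, not part of the sandbox report or of any tooling it describes: it parses the C2 value in the report's `ip:port` form and then runs three checks over a constructed stream of Sysmon-style events (the event dictionaries, paths, GUIDs and the benign events are all made up for illustration): a file written by one process and later started as an EXE ("Executes dropped EXE"), a value set under a `CurrentVersion\Run` key ("Adds Run key to start application"), and an outbound connection to the extracted C2. The "Suspicious use of SetThreadContext" signature comes from API-call monitoring inside the sandbox and has no Sysmon equivalent, so it is deliberately not modelled here.

```python
"""Added example: turn the report's RedLine IOCs and behavioural
signatures into checks over Sysmon-style events. Event records and the
field names below follow Sysmon's schema, but every event instance is
constructed for this example."""
import ipaddress

# Values taken from the report's extracted config.
REDLINE_C2_RAW = "83.97.73.126:19048"
REDLINE_BOTNET = "maxi"

# Autostart locations behind the "Adds Run key" signature (substring match,
# case-insensitive, so HKU\<sid>\... and HKLM\... both hit).
RUN_KEY_MARKERS = (
    "\\microsoft\\windows\\currentversion\\run\\",
    "\\microsoft\\windows\\currentversion\\runonce\\",
)


def parse_c2(raw):
    """Parse an 'ip:port' C2 string into (ip, port), validating both parts."""
    host, _, port = raw.rpartition(":")
    ip = ipaddress.ip_address(host)          # raises on a malformed address
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    return (str(ip), port)


def detect(events, c2=REDLINE_C2_RAW):
    """Return a list of (signature, detail) pairs fired by an event stream.

    Each event is a dict with an integer EventID and the Sysmon fields the
    rule needs:
      1  process create : Image, ProcessGuid
      3  network connect: Image, DestinationIp, DestinationPort
      11 file create    : Image, ProcessGuid, TargetFilename
      13 registry set   : Image, TargetObject, Details
    """
    c2_ip, c2_port = parse_c2(c2)
    hits = []
    dropped = {}  # lower-cased path of every file created -> writer's ProcessGuid
    for ev in events:
        eid = ev["EventID"]
        if eid == 11:
            dropped[ev["TargetFilename"].lower()] = ev["ProcessGuid"]
        elif eid == 1:
            image = ev["Image"].lower()
            # A new process whose image was written earlier in this stream.
            if image.endswith(".exe") and image in dropped:
                hits.append(("Executes dropped EXE", ev["Image"]))
        elif eid == 13:
            target = ev["TargetObject"].lower()
            if any(marker in target for marker in RUN_KEY_MARKERS):
                hits.append(("Adds Run key to start application",
                             f"{ev['TargetObject']} = {ev['Details']}"))
        elif eid == 3:
            if (ev["DestinationIp"], int(ev["DestinationPort"])) == (c2_ip, c2_port):
                hits.append(("RedLine C2 contact",
                             f"{ev['Image']} -> {c2_ip}:{c2_port}"))
    return hits


# Constructed event stream: one dropper, one benign process, one benign
# connection, then the three behaviours the report lists.
SAMPLE = r"C:\Users\user\Desktop\5ed3ad1411adc0f83fe4eb87d5e2a59df51c6be99250dbe1590567caa6fb624a.exe"
DROPPED = r"C:\Users\user\AppData\Local\Temp\payload.exe"   # hypothetical path
SAMPLE_EVENTS = [
    {"EventID": 11, "Image": SAMPLE, "ProcessGuid": "{G1}", "TargetFilename": DROPPED},
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe", "ProcessGuid": "{G2}"},
    {"EventID": 1, "Image": DROPPED, "ProcessGuid": "{G3}"},
    {"EventID": 13, "Image": DROPPED,
     "TargetObject": r"HKU\S-1-5-21-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\payload",
     "Details": DROPPED},
    {"EventID": 3, "Image": r"C:\Windows\System32\svchost.exe",
     "DestinationIp": "1.1.1.1", "DestinationPort": "443"},
    {"EventID": 3, "Image": DROPPED,
     "DestinationIp": "83.97.73.126", "DestinationPort": "19048"},
]

if __name__ == "__main__":
    for sig, detail in detect(SAMPLE_EVENTS):
        print(f"[{sig}] {detail}")
```

The dropped-EXE check only correlates within the stream it is given, so in practice it must be fed events ordered by time; a Run-key write by itself is a weak signal and is best scored together with the other two hits, which is roughly how the sandbox arrives at its aggregate score.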