General
Target: 2dccea09a33b86f5e770514fedea1b4f4eff4b3136853c28022f36afd1554c26
Size: 735KB
Sample: 230606-jp3ptadb5x
MD5: 127750909e73ad4bd01c25f5ddf5f667
SHA1: 5c764efc7c1d2e30e0cf6e59430c8ea0ab81a968
SHA256: 2dccea09a33b86f5e770514fedea1b4f4eff4b3136853c28022f36afd1554c26
SHA512: 191d95b80bab0bb2a4c0f68a49023a827cfd2c93bbcfa31d959f6fca184a0b0055fe75aa3d8baca07fb3e3ed1ba89a60f936764ef1a49ec99b24a01d8e13bd7a
SSDEEP: 12288:DMr5y90vQe4KwVj+UX8L97glNRsduypBTaoUo2FU3ZnCkTqGJkxZlNWAFRvbL3:Gy3eFwVw7glcVdao92FUFvTqGSzFRvbL

Static task: static1
Behavioral task: behavioral1
Sample: 2dccea09a33b86f5e770514fedea1b4f4eff4b3136853c28022f36afd1554c26.exe
Resource: win10v2004-20230221-en
Malware Config
Extracted: redline
maxi
83.97.73.126:19048
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
Target: 2dccea09a33b86f5e770514fedea1b4f4eff4b3136853c28022f36afd1554c26
Size: 735KB
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext