General
Target: bbcedc0103c49af7f41486ce288bde3494e61237a1a10b3c82652abe9b27fe19
Size: 738KB
Sample: 230606-s64swafa6v
MD5: 20e036fe34492db89c534307af3a28ce
SHA1: c1f2b31ad90e3386b6a4d91d7afa3dff7c29d645
SHA256: bbcedc0103c49af7f41486ce288bde3494e61237a1a10b3c82652abe9b27fe19
SHA512: 305f8367e3487068448c68a80dc3bc65cf45a57b764c83ca565a656ae234dcde68ca9692a37bef29f491dab37f01c5c412727f7a5021ef3d4ce34e3cd80c53de
SSDEEP: 12288:BMr7y90SRF3rYJxVrvqxVLRKQKX8btTl0ChHir/A0jJbTZh7BVg:WyvjrYJx1OR28bj0UHAJbTJVg

Static task: static1
Behavioral task: behavioral1
Sample: bbcedc0103c49af7f41486ce288bde3494e61237a1a10b3c82652abe9b27fe19.exe
Resource: win10v2004-20230220-en

Malware Config
Extracted
Family: redline
Botnet: maxi
C2: 83.97.73.126:19048
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
Target: bbcedc0103c49af7f41486ce288bde3494e61237a1a10b3c82652abe9b27fe19
Score: 10/10
Signatures:
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext