General
- Target: 1ffddabff9efaf5eb811259dbe5ff03195a920e231e6805a9b74257c734ff019
- Size: 737KB
- Sample: 230606-s847esfa7x
- MD5: 108adb4fcdd3b1bdcea0a71d931180a9
- SHA1: 8219f6cb3a0120ad2e852b08ee901560fef63b29
- SHA256: 1ffddabff9efaf5eb811259dbe5ff03195a920e231e6805a9b74257c734ff019
- SHA512: 4f775c1e9c4b23a609e740221e6e63823af345afbf168aa7ed14aba55c90b6f65de805426b9c724e2f22a6a0037f1abdeba28633106410ba77ae1bc37ad13dd4
- SSDEEP: 12288:CMr8y90a1Qp9W4OZHFci6zIEkMrrsyvqiK7WjswGuGNunEu4R3mom4h4e:yySbOpFt6UEmy0Wju0+mX4ht
Static task: static1
Behavioral task: behavioral1
- Sample: 1ffddabff9efaf5eb811259dbe5ff03195a920e231e6805a9b74257c734ff019.exe
- Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
maxi
83.97.73.126:19048
- auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
- Target: 1ffddabff9efaf5eb811259dbe5ff03195a920e231e6805a9b74257c734ff019
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext