General
Target: 21d3db4b58f136dc0ca8108cb22b6408936f125a559105b0a5154b6666b7a91f
Size: 282KB
Sample: 230608-gk34nscg59
MD5: 37da12a4bb5985703c04b1397ed3c8c8
SHA1: 64a245edb7b5a4ff35e0800b5f0d1168b2fbc520
SHA256: 21d3db4b58f136dc0ca8108cb22b6408936f125a559105b0a5154b6666b7a91f
SHA512: 0677ca9608106910367e3cb65616173643305dd4a9a519689e904913ed79bf1437a4d6ca6d629d5c050327d86887c0770b5e91424526ed58d0ff2005d9174373
SSDEEP: 6144:NQvoWvJ0y0qwvTygXUNVS4MGh1aBFrvz1xcxcWhwrt:NUZ8yR1aBFrvz1xcxdwrt
Static task: static1
Behavioral task: behavioral1
Sample: 21d3db4b58f136dc0ca8108cb22b6408936f125a559105b0a5154b6666b7a91f.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Suspicious use of SetThreadContext