General
-
Target
874b1b7cb15ffa53375ee68f02e3b44bcd2300b67232375a3acffb283f149705
-
Size
282KB
-
Sample
230608-gl9ylscg65
-
MD5
2274be1d70152161c6a7d65517879c53
-
SHA1
f7dcb1bb89a129c37ad7edff5b2e403f62ca39cd
-
SHA256
874b1b7cb15ffa53375ee68f02e3b44bcd2300b67232375a3acffb283f149705
-
SHA512
9498895fdc58eb5e27c096cfa672fa2dbd268fabf151fecb605c413ba6adbe129ec063a2a13998dccc4d02162071475f8a770af04eca5a4190941035d66fa88d
-
SSDEEP
6144:dQvoWvJu2CONwvTygXUNVS4MGh1aBFrvz1xcxcWhzrt:dUMnyR1aBFrvz1xcxdzrt
Static task
static1
Behavioral task
behavioral1
Sample
874b1b7cb15ffa53375ee68f02e3b44bcd2300b67232375a3acffb283f149705.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Suspicious use of SetThreadContext
-