General
-
Target
afe074ab20579c7c8e287baa909f82b03d34afd9a8b6be2c8ee24f317f671d1c
-
Size
282KB
-
Sample
230608-gn3bjsdd31
-
MD5
0ae5e9a65bd244ca9055c6cdbade1eb2
-
SHA1
5e89ecf2e9f2da6d39898152d9c698db7ce7bf58
-
SHA256
afe074ab20579c7c8e287baa909f82b03d34afd9a8b6be2c8ee24f317f671d1c
-
SHA512
c29b0da2e0d222823906a7fc4833ab0f0b3b1bd914786a14db9c14cc9d80f79e303c45c7ba83b0af1bf01f4d9c62d0c687079eb334260fbe376439dd24162b4f
-
SSDEEP
6144:dQvoWvJu2CONwvTygXUNVS4MGh1aBFrvz1xcxcWhzrt:dUMnyR1aBFrvz1xcxdzrt
Static task
static1
Behavioral task
behavioral1
Sample
afe074ab20579c7c8e287baa909f82b03d34afd9a8b6be2c8ee24f317f671d1c.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
afe074ab20579c7c8e287baa909f82b03d34afd9a8b6be2c8ee24f317f671d1c
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Suspicious use of SetThreadContext
-