General
-
Target
da21399d32cbf0887aeab8dc772adb2f29b38fc1c64fcc4c3b9c89bc0a099957
-
Size
282KB
-
Sample
230608-gqbllsdd41
-
MD5
f5aa6607a8c56b794edeaf8fbdbe6631
-
SHA1
52a0a7c544e10bdb5558c4aafa707b5dc8480f92
-
SHA256
da21399d32cbf0887aeab8dc772adb2f29b38fc1c64fcc4c3b9c89bc0a099957
-
SHA512
1ea79081558256f62546ef16fdfe5c536183638b1858195aca72047a68c16edf2b06e9dccd1b7ab1c76394f2428a10b31d72bb00942193b957f10242328baef7
-
SSDEEP
6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rt:5UAIgyR1aBFrvz1xcxd0rt
Static task
static1
Behavioral task
behavioral1
Sample
da21399d32cbf0887aeab8dc772adb2f29b38fc1c64fcc4c3b9c89bc0a099957.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
da21399d32cbf0887aeab8dc772adb2f29b38fc1c64fcc4c3b9c89bc0a099957
-
Size
282KB
-
MD5
f5aa6607a8c56b794edeaf8fbdbe6631
-
SHA1
52a0a7c544e10bdb5558c4aafa707b5dc8480f92
-
SHA256
da21399d32cbf0887aeab8dc772adb2f29b38fc1c64fcc4c3b9c89bc0a099957
-
SHA512
1ea79081558256f62546ef16fdfe5c536183638b1858195aca72047a68c16edf2b06e9dccd1b7ab1c76394f2428a10b31d72bb00942193b957f10242328baef7
-
SSDEEP
6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rt:5UAIgyR1aBFrvz1xcxd0rt
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Suspicious use of SetThreadContext
-