General
-
Target
cb1b47fd2872bac1b51e222931e4cce652be24707aed6c2c725e36648d663559
-
Size
282KB
-
Sample
230608-gqrb3acg92
-
MD5
543592305a9b8cc484478d78f10476e7
-
SHA1
af9fe29fa22c158632331f8fce870ae54dc46aab
-
SHA256
cb1b47fd2872bac1b51e222931e4cce652be24707aed6c2c725e36648d663559
-
SHA512
64c489ebb7508b5f219a841670f47178d6254dda08d0cab75ca1d7b32bb4c51c17aa08bf0de97cf48f5c2b10f095d3f65797761192038455af7131bf276d1d54
-
SSDEEP
6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rt:5UAIgyR1aBFrvz1xcxd0rt
Static task
static1
Behavioral task
behavioral1
Sample
cb1b47fd2872bac1b51e222931e4cce652be24707aed6c2c725e36648d663559.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
cb1b47fd2872bac1b51e222931e4cce652be24707aed6c2c725e36648d663559
-
Size
282KB
-
MD5
543592305a9b8cc484478d78f10476e7
-
SHA1
af9fe29fa22c158632331f8fce870ae54dc46aab
-
SHA256
cb1b47fd2872bac1b51e222931e4cce652be24707aed6c2c725e36648d663559
-
SHA512
64c489ebb7508b5f219a841670f47178d6254dda08d0cab75ca1d7b32bb4c51c17aa08bf0de97cf48f5c2b10f095d3f65797761192038455af7131bf276d1d54
-
SSDEEP
6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rt:5UAIgyR1aBFrvz1xcxd0rt
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Suspicious use of SetThreadContext
-