General
Target: d5547b2813bccd816bc0ccb00564737a46407e34912105b2703e19390768887e
Size: 773KB
Sample: 230608-mm4qwaec76
MD5: bdcc36ea3621040799270f47d16edf83
SHA1: e2ba36a884c3490688928a0e156ba7a21f07e780
SHA256: d5547b2813bccd816bc0ccb00564737a46407e34912105b2703e19390768887e
SHA512: 17a8a94f259d66999cd68c023af0a63219a1fffe0e1abc0d78c0d810fcd99778a43a214d5ce1d45fc2eb4cae6cd460b725dcc84f3d9487372871775928951d64
SSDEEP: 24576:RyIr4aRcI8iYlwngnKkB+j5+peiCafMlg:ES4st8hWM+j0peiCafMl
Static task: static1
Behavioral task: behavioral1
Sample: d5547b2813bccd816bc0ccb00564737a46407e34912105b2703e19390768887e.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted: redline
maxi
83.97.73.129:19068
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
Target: d5547b2813bccd816bc0ccb00564737a46407e34912105b2703e19390768887e
Size: 773KB
MD5: bdcc36ea3621040799270f47d16edf83
SHA1: e2ba36a884c3490688928a0e156ba7a21f07e780
SHA256: d5547b2813bccd816bc0ccb00564737a46407e34912105b2703e19390768887e
SHA512: 17a8a94f259d66999cd68c023af0a63219a1fffe0e1abc0d78c0d810fcd99778a43a214d5ce1d45fc2eb4cae6cd460b725dcc84f3d9487372871775928951d64
SSDEEP: 24576:RyIr4aRcI8iYlwngnKkB+j5+peiCafMlg:ES4st8hWM+j0peiCafMl
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext