General
Target: 02e044f33dcb6f529b9a2cab9399a005.exe
Size: 772KB
Sample: 230608-mm81laeh6x
MD5: 02e044f33dcb6f529b9a2cab9399a005
SHA1: 26160bacfe6b9bae3dbe09f1bd49e351ac421589
SHA256: e447ae1f8224e2b964c69128ec258560a374151a8ee932670feb7a2670163682
SHA512: 0efd491f73eaf13fd489c04a349c09a90dcb52cf5706eb806df9ac49fd60d3297e27f77a9fff422e4b41c2902dfea43f9494088db29de0194c2545521a8889f2
SSDEEP: 24576:sy7vAUKqx3rIKX0OMHZp6oqAgM34iaqR:b0UKqrX0D5p6oqo9a
Static task: static1
Behavioral task: behavioral1
  Sample: 02e044f33dcb6f529b9a2cab9399a005.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 02e044f33dcb6f529b9a2cab9399a005.exe
  Resource: win10v2004-20230220-en
Malware Config
Extracted: redline
maxi
83.97.73.129:19068
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
Target: 02e044f33dcb6f529b9a2cab9399a005.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext