General
Target: 203554d11cd8d9a8fcad90f71604ed56e55fc587e0f10528e3a711117106e097.exe
Size: 785KB
Sample: 230613-q3n7xagd85
MD5: 35699ee3be7623f358c8025e1be611b1
SHA1: 99e8cacaf28ff00088e3db272a4cdae88377d27b
SHA256: 203554d11cd8d9a8fcad90f71604ed56e55fc587e0f10528e3a711117106e097
SHA512: 09fb9defbd5c84841e009655568a84dcc6a47e438c268946f01eda7226ef56aa1694e4635f1ce89f35d59429c6411d8bc6919886bf28f31c78766669e51ce300
SSDEEP: 12288:rMrpy90QXmu+J5dRE9kUo6V8/x/owmJ6IbQhjPOFKcITVGRv0LWDDAPmuR51:myLYwSvNKwy1QhLOYxGmLW4P5F
Static task: static1
Behavioral task: behavioral1
Sample: 203554d11cd8d9a8fcad90f71604ed56e55fc587e0f10528e3a711117106e097.exe
Resource: win7-20230220-en
Malware Config
Extracted family: redline
Botnet: maxi
C2: 83.97.73.126:19046
auth_value: 6a3f22e5f4209b056a3fd330dc71956a
Targets
Target: 203554d11cd8d9a8fcad90f71604ed56e55fc587e0f10528e3a711117106e097.exe
Score: 10/10
Family: RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext