General
Target: ab6563964db8fe3966de4a215_JC.exe
Size: 2.3MB
Sample: 230728-vraycsfb4z
MD5: 69d19779b8da64ab2d877e9156ac1189
SHA1: e7ceb475978c9592dfe62737d56d0c8562744c6d
SHA256: ab6563964db8fe3966de4a215307a7aed3e5e242ba28d5f2f418f7723208f3a1
SHA512: b6031036c2b96eeb5fb719e4ecd26cde768385c2ed57579756db570ab42be62b05f620071e35ae0ae27d0a3295e1c553031055725e4a0b316ff0de925b8d75d3
SSDEEP: 6144:hHlD0VNBrHdhsGE8C00iW5b2+DWW4eg3++OJPdums4:hHlD0VNBrHC1s+CnegN6Pdt
Static task: static1
Behavioral task: behavioral1
Sample: ab6563964db8fe3966de4a215_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: ab6563964db8fe3966de4a215_JC.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
12
46.149.77.25:8599
auth_value: c46d7c526a45729e5f4c39fca6e505c1
Targets
Target: ab6563964db8fe3966de4a215_JC.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Suspicious use of SetThreadContext