General
Target: launch.exe
Size: 219.3MB
Sample: 230803-mqt1vaeb2w
MD5: 39f90609236c5a5512022ac4217d0946
SHA1: 79de68103b33349f0a8b37d0a0080d73f13eb147
SHA256: 6932751709a4dbb193a60a1a7ca38c4a9428957acbf75e5ffda09bf9f9bb68fc
SHA512: 6ec6b3b0c932b9395045a737a95a0a58ef348d1e5c847cb75b5a0659ad8b91bb53375fc366e529401d464c1f6fafe7e40efc49cf54cfb1684b1463ff00876b5b
SSDEEP: 6144:D828BIGka3FrR1I83YP/AODz2Pgk4+8zjLmgu4BZTh:D828B0a+X1z2Yv+ijP3h
Static task: static1
Behavioral task: behavioral1
Sample: launch.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: launch.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
main
185.106.92.82:5438
auth_value: e1d8c486fa51e48b53d3384b5a2b4973
Targets
Target: launch.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Suspicious use of SetThreadContext