General
Target: SecuriteInfo.com.Trojan.PWS.RedLineNET.6.22408.337.exe
Size: 14.0MB
Sample: 230823-nw95padd5s
MD5: a71609fea0887e5261e10f323719ed19
SHA1: 405e439c837a15ca67d8ccf7a810ffb097173af4
SHA256: 59bd3b30ff0e9c2d1d335cb7cd8d305fa047e79cd0873b1a02936d9d999a35ff
SHA512: 2f75a1ce40e63dfdd7612501795a017bd98362f87b43ffabc142b9e3ad99f159ff97fbf3cf63e204fbd7a2c83d5e4fcb6eb06df92ed266562051fa2d22359c61
SSDEEP: 12288:Csxmdj2NtdggxR2FCLDNToj5taAtw6J4lmEDHJy1XiIopXQXZnOa33w6HVtIuClJ:HdhxR2FiNToj5IAH+y2a33w6EbjvxVC
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Trojan.PWS.RedLineNET.6.22408.337.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Trojan.PWS.RedLineNET.6.22408.337.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Score: 7/10
Uses the VBS compiler for execution
Suspicious use of SetThreadContext