General
-
Target
k2031714.exe
-
Size
419KB
-
Sample
230912-gxd1baeb79
-
MD5
f76774f85a46dc76b44790ee40f7b36b
-
SHA1
4beacf92df7891b3d6a24f7d0c407d5477e891c3
-
SHA256
c7388325f0551afadac9dcfa8272e1856bb80eca1a0cf25d2beb8aecdd2b14fa
-
SHA512
77e0e795073f94631981a393707b5b8fa564ba24ab0074eadd987f6810762f81bd2049d60d3e9ec3f207ff96df93e9692d432947eb4d55167c308a9ad171bd82
-
SSDEEP
6144:gNia2/KMiCQy4bwSjQzL9ois436xMhAOub7LrMLFKdhbl6UnUWgfPstAtiMXY:g32SMiu4Ms436xMhIb4wd3
Static task
static1
Behavioral task
behavioral1
Sample
k2031714.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
k2031714.exe
Resource
win10-20230831-en
Malware Config
Extracted
redline
tuco
77.91.124.82:19071
-
auth_value
dcfeb759bae9232de006fc3a4b34ac53
Targets
Target
k2031714.exe
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Suspicious use of SetThreadContext
-