General

Target: j1874993.exe
Size: 390KB
Sample: 231004-hxwqsshg6y
MD5: 917a092ad987565a5dc7994215a7bc4c
SHA1: ab1ded1f85f73d5d4213c63d75690be715365e3a
SHA256: b9db7b13ef839cf02efebdee5b78555f202c21d69380e3486b182a7399c02f22
SHA512: cea17eec1063bef6f683bee8d6f544ee46ab1ae5b8cb366a901f74cd31aa015574903d339cea3283957250710e6cfca8e31432e4b403d5460645a47d8e9184e2
SSDEEP: 6144:/KXFo/N5ExgFbNOUAHEHIXbLvZAOAiQyhWHf5QPd4mFCN73Vs0BC+:cwDExgFY5vx+iQyQHf5QPdtCdFs0BC+
Static task: static1

Behavioral task: behavioral1
Sample: j1874993.exe
Resource: win7-20230831-en

Behavioral task: behavioral2
Sample: j1874993.exe
Resource: win10-20230831-en
Malware Config

Extracted family: redline
Botnet: gruha
C2: 77.91.124.55:19071
auth_value: 2f4cf2e668a540e64775b27535cc6892
Targets
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Suspicious use of SetThreadContext