General
Target: j7464231.exe
Size: 310KB
Sample: 231004-hzv72sbg62
MD5: 785964441bf75233d9a0e900d791b0ec
SHA1: 0b2be90f3d98b8efce0f0c9339b4108f8e94cda6
SHA256: 00f3d069d6b0df663223b54552695c90e33fdf049466e48c1a794312ef1854e8
SHA512: 1dff833f36a5952b9fc9bcf5eb3ffdcb9e6292f2401d78f5efcd544848097bb5f3a484ddf4a81cfd8908986b9c4239286e57bb4905c9cde9fab945ea841c974f
SSDEEP: 6144:WhzDq0Bru5tnsqWQYeamN4nXyohSUGzOjrj:Wtq0BruRa+yXyohSo/j
Static task: static1
Behavioral task: behavioral1
Sample: j7464231.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: j7464231.exe
Resource: win10-20230915-en
Malware Config
Extracted
redline
gruha
77.91.124.55:19071
auth_value: 2f4cf2e668a540e64775b27535cc6892
Targets
Target
j7464231.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Suspicious use of SetThreadContext