General
- Target: 4aw602SF.exe
- Size: 459KB
- Sample: 231010-bcllrshe7t
- MD5: f807505c12a33b65b08e46eef6408959
- SHA1: 49813fdcd432b333f296421a2dbf867506363626
- SHA256: 1327f6d2be1f9ec0e2bef78ffb5a702b1a5249e4e7cea43e0012aebf1cb8c669
- SHA512: 4df7bf7aaa4f1a409032c3e2e1cce183b707b70219b62d54af7fdccb6e5b7f78ae67727ee4bc6c30e044cb0f6535b155d1834ad3e3120eef7fdba82740919179
- SSDEEP: 6144:4vRHImfMPTjdJUINv8nqBJY5FAOtOjHXfSxrviJxekGQYto/vHYjB4rSPjIEtN3:4vCmETjbJ3mTOjHvSxrviukGftgvHhG3
Tasks
- Static task: static1
- Behavioral task: behavioral1 (sample 4aw602SF.exe, resource win7-20230831-en)
- Behavioral task: behavioral2 (sample 4aw602SF.exe, resource win10-20230915-en)
Malware Config
- Extracted family: redline
- Botnet: frant
- C2: 77.91.124.55:19071
Targets
- Target: 4aw602SF.exe
- Size: 459KB
- MD5, SHA1, SHA256, SHA512, SSDEEP: identical to the General section above
- Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of SetThreadContext