General

Target: 4oE045Hr.exe
Size: 459KB
Sample: 231010-fpkbpaba41
MD5: 0f9bf0eeeae62f42f1e7f735706d1a14
SHA1: efd2514c4d6c7e6ce1f39008fafe3bcb8b12408e
SHA256: f1626105054686b8af41da05be026b6c8bfb9b9dc052e7c32b79193472f1ceba
SHA512: 8aafdb85d2a4ca093ab4e0de6601f2a00e04413079b58fb5e0ab710fb3edb1d54796c3b30c6502f626e326c46d322616c7ba195385f4e2ee3158f9dcf361da27
SSDEEP: 6144:IfThnbDPM4jjdpvIN8fp7z5BAOgfFHN6DEvQiCD8S40X:IfTVDPjjb/+fpNs3dRNX
Static task: static1

Behavioral task: behavioral1
Sample: 4oE045Hr.exe
Resource: win7-20230831-en

Behavioral task: behavioral2
Sample: 4oE045Hr.exe
Resource: win10-20230915-en
Malware Config

Extracted family: redline
Botnet: frant
C2: 77.91.124.55:19071
Targets

Target: 4oE045Hr.exe
Size: 459KB
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine payload
- Suspicious use of SetThreadContext