General
-
Target
j3638661.exe
-
Size
384KB
-
Sample
231011-l36dzahh39
-
MD5
7c73ccffc9fd1bb94bc20c9047c8bba2
-
SHA1
2b336775b52f623d8e6dc21f5babd15edb8c42b2
-
SHA256
009e2c4ccbba2d91a056a0a48d6d6ea03714e76bffe37dc8f714d79a6b30e8e3
-
SHA512
380fc504d8117a75f80145bfd421b840d12843fb4b9761a8abaa9f8411260eddd26f0da8a3ed362f884f0a213f0e018ed353eaa66e2f6a9dcda990b3f3d46b13
-
SSDEEP
12288:7TRweSHxzyZg09spUfzMJZVk95wWW6ruUF4S:7eejZgrsW6rv2
Static task
static1
Behavioral task
behavioral1
Sample
j3638661.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
j3638661.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
gruha
77.91.124.55:19071
-
auth_value
2f4cf2e668a540e64775b27535cc6892
Targets
-
-
Target
j3638661.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Suspicious use of SetThreadContext
-