General
Target: AutoInstall.exe
Size: 1.8MB
Sample: 231113-1yw23afg53
MD5: d22dea0339065ec05cccf525b72a7b12
SHA1: fb73af59c4498f28ffd714d467551ec465b77d7d
SHA256: 92cf7bd32bc8125a758cafd97fc06559994b57ed94f641f74f2da07de284aff3
SHA512: 9b947179aac2233f83e24f5892aeeba2aa2240f5bf32d323395e712ae02844b04e56abbea16e6e7c34559b7a4ad5ab53a9049bf6eb2a31cbcb59be180dfde573
SSDEEP: 49152:8LJyCp/gah3h6AS6UFfrHDu7kLNKxe1iuIy8EpDOPSFVF6:8Nb1V5S3rHDugLNKxAgiOPqi
Static task: static1
Behavioral task: behavioral1
Sample: AutoInstall.exe
Resource: win10v2004-20231020-en
Malware Config
Extracted: redline
- @SDSAads2
- 104.168.44.52:80
- auth_value: 589d0e9314616e09f68efd12b2086ab8
Targets
Target: AutoInstall.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Suspicious use of SetThreadContext