General
Target: 16cf1e37704f6d8a9557f3804045f7b9
Size: 1.8MB
Sample: 231225-mdwnxaegf2
MD5: 16cf1e37704f6d8a9557f3804045f7b9
SHA1: 713a135b361183bc9907537890c9d4a44637eec3
SHA256: 4a475db4cb4d71eb0752dce8f9752ed285a0ef1131fefcc2c139de831118df63
SHA512: 956df0b1bc9427ba3980d9d9cbe7e627ae2a5f71abd08599ad2879c0291c682e59c109387a704cd8ebccb272ff130cfcbbbcc1ac36f9346a72646cd9fe1ae36f
SSDEEP: 49152:KsybxHlk9D3Y9/kaLV6t+0XJpy+g75LrARENNpLl:NybxFk1Ya+T03q5htl
Static task: static1
Behavioral task: behavioral1
  Sample: 16cf1e37704f6d8a9557f3804045f7b9.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 16cf1e37704f6d8a9557f3804045f7b9.exe
  Resource: win10v2004-20231215-en
Malware Config
Extracted
redline
adsgoogle2
45.93.4.12:80
Targets
Target: 16cf1e37704f6d8a9557f3804045f7b9
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext