General
-
Target
6e10a6fbc11e4be9196d2218660c3073
-
Size
209KB
-
Sample
231226-pjb8kabfd9
-
MD5
6e10a6fbc11e4be9196d2218660c3073
-
SHA1
47a2ebb192d54701d2ac1e9b76911baa31eb2972
-
SHA256
752cc244ad2a7d0e4fa6128304df14ecedaad840a641384546ec292f123619ab
-
SHA512
2d53ad9e9e543749edd3309e3f03dd3c05c67662d86aa5875875e28c03bba0e5f724ea443ecdb754dad151d83ac979a0213d898ee8e02eca0aca18aac52adcd9
-
SSDEEP
3072:+khfaKvLtC/N78aRX6AyKjNVnZTZNWz/6szqAw36lHDf+:+/KvLwljRX1yKpV1iLmAw6jf+
Static task
static1
Behavioral task
behavioral1
Sample
6e10a6fbc11e4be9196d2218660c3073.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
6e10a6fbc11e4be9196d2218660c3073.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
redline
forinstalls
77.220.213.35:52349
Targets
-
-
Target
6e10a6fbc11e4be9196d2218660c3073
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-