General
-
Target
099e74f87f7137d536e951e08aa77163
-
Size
483KB
-
Sample
231230-bjag3sacb3
-
MD5
099e74f87f7137d536e951e08aa77163
-
SHA1
3bf78e5ab3e0583ed7c41f675df6cbad5ccacd6f
-
SHA256
7e84d82b17457dcfc3ce3826dbad2ff18c507c9a7ffd7a452561e574883f9f5c
-
SHA512
52a1293af673400b578f053ee93729187441c628e78e77d549d7e1202cb97d5eec02f7f23c15061bbe796b5bcaba85ff09bb1f2bee55528129c48bc2048ac19d
-
SSDEEP
12288:pWKCAPgh31TqOIS1GLeRw92QRaQ1nQR0zCq4jqbr:2x6O/1GLeRw92QaQZk0zCq4jUr
Static task
static1
Behavioral task
behavioral1
Sample
099e74f87f7137d536e951e08aa77163.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
099e74f87f7137d536e951e08aa77163.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
redline
185.80.234.100:3385
Targets
Target
099e74f87f7137d536e951e08aa77163
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-