General
Target: 0fab637905a3f9b113c5ca5d5bb14d30
Size: 421KB
Sample: 231230-fvblqsbhel
MD5: 0fab637905a3f9b113c5ca5d5bb14d30
SHA1: dc6d5ad8046e35c1007de961302fa9605efd9389
SHA256: 81f66c5cc91de5636e3b5079c8f6bfcb0f4b08152dc792d25c9e8f57f0ce5948
SHA512: 2a5edf6a007e05b8582e2c19c7953b3886ec0da6df425c8a6cba76049d0c635d70cbacb00e20289b5facad4ef3884b1b8e269261dbe80aa02c603531e71eba01
SSDEEP: 12288:beNCpJ1XE6DUA8A0FOGaOlah4FIdIGcLgbRotL3P:bYiu6Dph0SO04FaIj9
Static task
static1
Behavioral task
behavioral1
Sample
0fab637905a3f9b113c5ca5d5bb14d30.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0fab637905a3f9b113c5ca5d5bb14d30.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
redline
@kiirek123
ierinapu.xyz:80
Targets
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext