General

Target: 215b99a79e60f497f61376a9d91c27e5
Size: 363KB
Sample: 231231-akpsqaedd9
MD5: 215b99a79e60f497f61376a9d91c27e5
SHA1: e27468dbd45e30781432c1752296d562f0d00ee5
SHA256: baaddfa0cec6ee987ccc56d80ccbb851fae5288e0d43531a16daac01ab22ed9d
SHA512: 1a8a76f22e08940a63d06cd08f3058649499e321204af2906ecb6a318a1b75d2ca535db2d5a9cd49eb69cd33bfe4104f9458b960992179a25f0080ba94c16985
SSDEEP: 3072:he4YJXwKqovbgU7iyap75m5zc4Be6B48o0S2Xl6OBz7+5f2WwTm5S0CuH8wrioJS:ywKqovbgIQ70dc6e6pXcOBnUOLTmlV
Static task: static1

Behavioral task: behavioral1
  Sample: 215b99a79e60f497f61376a9d91c27e5.exe
  Resource: win7-20231215-en

Behavioral task: behavioral2
  Sample: 215b99a79e60f497f61376a9d91c27e5.exe
  Resource: win10v2004-20231215-en
Malware Config

Extracted family: redline
Botnet: ju09_de_khr
C2: 185.215.113.86:13625
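The hashes under General and the extracted C2 above are the only indicators a responder gets from this report, so the following Python script, added here as an example and not part of the sandbox output, turns them into three checks: verify that a file on disk really is the sample the report describes (every digest must agree), hunt for the C2 socket in Zeek-style conn.log lines (an exact host:port hit is strong evidence, a host-only hit on another port is reported separately because RedLine panels change ports more often than addresses), and emit a Suricata rule for the socket. The conn.log excerpt, the internal hosts, the 203.0.113.5 benign destination and the Suricata sid are constructed placeholders; the C2 address and hashes are the report's.

```python
"""
Triage helpers built from the indicators in this report (added example; not
part of the sandbox output). Verifies a file against the report's hashes,
hunts for the extracted C2 in Zeek-style conn logs and emits a Suricata rule.
"""
import hashlib

# Hashes and RedLine config copied from the report.
REPORT_HASHES = {
    "md5": "215b99a79e60f497f61376a9d91c27e5",
    "sha1": "e27468dbd45e30781432c1752296d562f0d00ee5",
    "sha256": "baaddfa0cec6ee987ccc56d80ccbb851fae5288e0d43531a16daac01ab22ed9d",
    "sha512": "1a8a76f22e08940a63d06cd08f3058649499e321204af2906ecb6a318a1b75d2"
              "ca535db2d5a9cd49eb69cd33bfe4104f9458b960992179a25f0080ba94c16985",
}
C2_HOST = "185.215.113.86"
C2_PORT = 13625
BOTNET_ID = "ju09_de_khr"

# Constructed Zeek conn.log excerpt (tab separated) for the demo; the internal
# hosts and 203.0.113.5 are made up, the C2 address is the report's.
SAMPLE_CONN_LOG = "\n".join([
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1703980800.123\tCXa1\t10.0.0.15\t49812\t185.215.113.86\t13625\ttcp",
    "1703980801.456\tCXa2\t10.0.0.15\t49813\t203.0.113.5\t443\ttcp",
    "1703980802.789\tCXa3\t10.0.0.22\t51000\t185.215.113.86\t80\ttcp",
    "1703980803.000\tCXa4\t10.0.0.15\t49820\t185.215.113.86\t13625\ttcp",
])


def hash_bytes(data):
    """Compute the four report digests over an in-memory buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path, chunk_size=1 << 20):
    """Stream a file through all four digests so large samples need little RAM."""
    digests = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def matches_report(digests):
    """True only when every digest in the report agrees; a single mismatch
    means you are not holding the sample this report describes."""
    return all(digests.get(name) == value for name, value in REPORT_HASHES.items())


def find_c2_connections(lines):
    """Return conn records whose responder is the extracted C2.

    An exact host:port match is a strong hit. A host-only match on another
    port is reported separately: RedLine panels rotate ports far more often
    than they move IP, so it is still worth a look but is weaker evidence.
    """
    hits = []
    for line in lines:
        if not line or line.startswith("#"):
            continue
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 7:
            continue
        ts, uid, orig_h, orig_p, resp_h, resp_p, proto = fields[:7]
        if resp_h != C2_HOST:
            continue
        hits.append({
            "ts": ts, "uid": uid, "proto": proto,
            "src": f"{orig_h}:{orig_p}", "dst": f"{resp_h}:{resp_p}",
            "match": "exact" if resp_p == str(C2_PORT) else "host-only",
        })
    return hits


def suricata_rule(sid=1000001):
    """Suricata rule for the C2 socket; sid is a local-range placeholder."""
    return (
        f"alert tcp $HOME_NET any -> {C2_HOST} {C2_PORT} "
        f'(msg:"RedLine C2 {BOTNET_ID} sample {REPORT_HASHES["md5"]}"; '
        f"flow:to_server; classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        print("hash match:", matches_report(hash_file(sys.argv[1])))
    for hit in find_c2_connections(SAMPLE_CONN_LOG.splitlines()):
        print(hit["match"], hit["uid"], hit["src"], "->", hit["dst"])
    print(suricata_rule())
```

Run it with the sample path as the first argument to verify the file before detonating it in your own sandbox; without an argument it only scans the embedded conn.log excerpt and prints the rule. The hash check is deliberately all-or-nothing: an MD5 match alone is not enough to claim you hold this exact file.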
Targets

Target: 215b99a79e60f497f61376a9d91c27e5
Size: 363KB
MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed under General (same file)
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext (the API is legitimately used by debuggers, but in a non-debugger process it is a common indicator of process hollowing, where a payload is written into a suspended process and the main thread's context is rewritten to start executing it)