General
-
Target
5830307da699815f6d62a4a5d92dbd27
-
Size
181KB
-
Sample
240113-gzdsbseae2
-
MD5
5830307da699815f6d62a4a5d92dbd27
-
SHA1
1c721c9592ce6ea05242c8dba3417fefb05e5487
-
SHA256
e33dade92668e831e2e4ce734f1e8b7623ab1e019796bae59efb9e65f10e9ba4
-
SHA512
7b96820f87560c0c42c23376201bd9245e61ae66fa78db926dec9b0005e29294ce544fefce6cf8dcd121f49bc5361e94940b66b3899286f52212160599b241e5
-
SSDEEP
3072:rvujCNdWGvnXQemSSTQMHw3DTvatyl4WNO:r7vXQe9STQMHw3DOt1WN
Static task
static1
Behavioral task
behavioral1
Sample
5830307da699815f6d62a4a5d92dbd27.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
5830307da699815f6d62a4a5d92dbd27.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
redline
178.250.156.64:14504
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-