General
-
Target
5b8ed6a7bb56fe0a482033b9a7a867cd
-
Size
119KB
-
Sample
240114-w7z3vscehl
-
MD5
5b8ed6a7bb56fe0a482033b9a7a867cd
-
SHA1
9ba90cb15c9559b4d53beb7c9ee37944d0ddcfe0
-
SHA256
bd8e7b51bd1f05d761e2bfaccfb7b3ec87ac8cee1947ce3bd9c7687b495d861a
-
SHA512
26e20b05b79374914f68e7426acef638ee783b59b98fc78c275a90d3b0253283c0d53dc5cab512db5bf277156a70eeed7ea0996f89f348bc77825dedc0860c74
-
SSDEEP
3072:qhgQ0KKmY9mYZpxIqA+WAmJzCO6OUKowomlG6/13:qhgQ0KKPmY/WqA+WhzCydG69
Static task
static1
Behavioral task
behavioral1
Sample
5b8ed6a7bb56fe0a482033b9a7a867cd.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5b8ed6a7bb56fe0a482033b9a7a867cd.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
redline
@usernameP1P
45.14.12.90:52072
Targets
Target
5b8ed6a7bb56fe0a482033b9a7a867cd
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext