redline

General

Target

csgo-cs2-spoofer-main.zip
Size

786KB
Sample

240316-azfhlahb59
MD5

5736b68420da285f96af9d380840f14f
SHA1

bb32f696d327065feb501bd6728455c4de25959a
SHA256

ab7ef836e52bda5433e014057e88a57def522ef7e225a1a406208b19ac75e9a9
SHA512

7f059b111289f34d673d53e13d0f4d3f0d1824d4f55c62f12c43564bed40b1af08f458149e39dd0b71ecfef489d9f5270fec4ef28216bc968f6219b88033f62f
SSDEEP

12288:wzLV1pnjxB+GUNDISzPntD37aBhH04dsq570Jr8IA0xTCxJNuSPSBFSolanND9+:CpjP+GAcSzlb7adKj6ITC5MBs2aNx+

Score

10^/10

Malware Config

Extracted

Family

redline

C2

37.220.87.13:48790

Attributes

auth_value
85be55ada7eb5bd02a82897d6d3d081b

Targets

- Target
  
  csgo-cs2-spoofer-main.zip
- Size
  
  786KB
- MD5
  
  5736b68420da285f96af9d380840f14f
- SHA1
  
  bb32f696d327065feb501bd6728455c4de25959a
- SHA256
  
  ab7ef836e52bda5433e014057e88a57def522ef7e225a1a406208b19ac75e9a9
- SHA512
  
  7f059b111289f34d673d53e13d0f4d3f0d1824d4f55c62f12c43564bed40b1af08f458149e39dd0b71ecfef489d9f5270fec4ef28216bc968f6219b88033f62f
- SSDEEP
  
  12288:wzLV1pnjxB+GUNDISzPntD37aBhH04dsq570Jr8IA0xTCxJNuSPSBFSolanND9+:CpjP+GAcSzlb7adKj6ITC5MBs2aNx+
Score

1^/10
behavioral1
- Target
  
  csgo-cs2-spoofer-main/Serial.Change/Spoofer.bat
- Size
  
  45KB
- MD5
  
  2f5d048f0459e679eb6d45bda12004cd
- SHA1
  
  997bb6807a737c23fa6ce9668789d932f87f486c
- SHA256
  
  01bb5217494cbaa202a7591a56c2eaf3c7e770139ca8d45373d313c8f87904e2
- SHA512
  
  a46a81b259ac35f8be5812d5c2c20e7ecb6dca91861ffbe83ecdb3ca3caadd08c835793b70fc439f3b9669300f3b617f83fdfb207327b59664af7479f063d6e0
- SSDEEP
  
  384:xefoA9SjSmLIb9a+dcJy10+D2s99VSMZ4YIYkpAlOE0P5Gw4wsID8ankvYBMxTpv:0r/iAlOVP5Gw4tVlMCAVOFJ
Score

1^/10
behavioral2
- Target
  
  csgo-cs2-spoofer-main/Spoofer.exe
- Size
  
  1.3MB
- MD5
  
  6be1bbdf7fe0717ff037c91231f6eca9
- SHA1
  
  a2afd81dbe7838f208524f343f0def3eb5d6e510
- SHA256
  
  44c30e51e3d20d0a8f9c0522b7391599ed2849aacd099bc9494109adbb72b337
- SHA512
  
  faf6d2a2ec914f1151fd61f60c679ce5a2728bfb77751334e8bc196f95c031773ce9cf0db4eccd787c972f8e396fb1a206c4ead1b1f5cfb2a30e93db23233358
- SSDEEP
  
  6144:bYEWvQ52Qd+iTHP/0AOlF98sfWd6uZzp4AjFWtAl:UEWvQ5/Tn0HF9HfsvLFeAl
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral3
- Target
  
  csgo-cs2-spoofer-main/Taskbar.Kill/Taskkill_clean.bat
- Size
  
  2KB
- MD5
  
  712c005ebe175282f4fd644144f8bcd5
- SHA1
  
  e3167aa2650dc6d15f295a6de9e2b83211f565c3
- SHA256
  
  540ba332bbf723178fe9b662c528dfa91e0aa08f924f4d557664316b2649507a
- SHA512
  
  108021facba33c0297490defa830947fc437d3f1522c8fb874f52d4235b77ecdc88ae66537b2c07c89815b31a38e756207e0d4ca5d2ca6b134939fc2fc2481a1
Score

8^/10

evasion
- Stops running service(s)
  evasion
behavioral4
- Target
  
  csgo-cs2-spoofer-main/imgui/imgui_widgets.cpp
- Size
  
  344KB
- MD5
  
  c084794e4aeeec04b810f9021d58e66c
- SHA1
  
  3b9c7947f6e0259c1eb3bf5c08dcbb6636b33597
- SHA256
  
  23eb93ece96209a4eb4e1c9aead0ea51371e4d1dd6ba075f46756b837eb7448e
- SHA512
  
  ece410ee63c6517acbb114ae4e4f66c69bf9dc1783bb47f38ce7b17c038e6de71c910a6759523768f9f602ea6110f8e705a4a965d4b4e4b5d2b7332417809c10
- SSDEEP
  
  1536:NY0szajHe6lZ+/T/7gHGVENW4ZLWI7iHdqW9nqptoIQU1PvHBWhuqM93EUlyswNC:FLjHrz+Hgs4ZLWINtofhXbtNIfPhjy7W
Score

1^/10
behavioral5