General
-
Target
c61c9ed0fdbcc1a5be82feb4895fe1a553659738137d8ed319c9f63ad301e423
-
Size
484KB
-
Sample
240319-xpejwacc62
-
MD5
5e88980bb982663f2d687fd72bacd880
-
SHA1
04ea23d8cc91ee71b13476b4b60eee4fe478e01c
-
SHA256
c61c9ed0fdbcc1a5be82feb4895fe1a553659738137d8ed319c9f63ad301e423
-
SHA512
06b744b1a238c76b90a1182315838ee22e240cbd33d7ba9fabca344abca6e52e20fdfcd965febc18d82d05ad478aff7a4720715d7ed124ead75d9b91afc8301d
-
SSDEEP
12288:+h1Fk70Tnvjct35lxE/Ui3kzubOm45V2dHgEIqSOJ:Ik70TrcZxE/USkzuN8OJ
Static task
static1
Behavioral task
behavioral1
Sample
c61c9ed0fdbcc1a5be82feb4895fe1a553659738137d8ed319c9f63ad301e423.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
c61c9ed0fdbcc1a5be82feb4895fe1a553659738137d8ed319c9f63ad301e423.exe
Resource
win11-20240221-en
Malware Config
Extracted
redline
siski
168.119.242.255:7742
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Suspicious use of SetThreadContext
-