General
-
Target
a588719fde114a1cdc9dbb9218094c7485e28f5affdbd30ed6d6b2b4b2b5e57c
-
Size
4.1MB
-
Sample
240502-gs1nhsah5v
-
MD5
7f002bf46850eb5824ec8a18a192259e
-
SHA1
2d5c41cb3dd874e735dee3081657629cf51f4232
-
SHA256
a588719fde114a1cdc9dbb9218094c7485e28f5affdbd30ed6d6b2b4b2b5e57c
-
SHA512
2f634d38ec7150fcdd768d63eae8f0eb74b91d03d5f750a4ca164a8a5fcd815f7613d1151efdee3289ac994358d6163575f59f367d9b6440c1f5830005abf173
-
SSDEEP
49152:Les/XZr3JpblfAGf8qgYVwrQ659tRe0TrjDhw2Gk1ep80tcYapIOovxbw/:LeaZr3nbN3gY9I9t/rvhwo1Q8nY5Hv
Behavioral task
behavioral1
Sample
a588719fde114a1cdc9dbb9218094c7485e28f5affdbd30ed6d6b2b4b2b5e57c.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
a588719fde114a1cdc9dbb9218094c7485e28f5affdbd30ed6d6b2b4b2b5e57c.exe
Resource
win10-20240404-en
Malware Config
Extracted
redline
BildNew1
45.140.167.55:14878
Targets
-
-
Target
a588719fde114a1cdc9dbb9218094c7485e28f5affdbd30ed6d6b2b4b2b5e57c
-
Size
4.1MB
-
MD5
7f002bf46850eb5824ec8a18a192259e
-
SHA1
2d5c41cb3dd874e735dee3081657629cf51f4232
-
SHA256
a588719fde114a1cdc9dbb9218094c7485e28f5affdbd30ed6d6b2b4b2b5e57c
-
SHA512
2f634d38ec7150fcdd768d63eae8f0eb74b91d03d5f750a4ca164a8a5fcd815f7613d1151efdee3289ac994358d6163575f59f367d9b6440c1f5830005abf173
-
SSDEEP
49152:Les/XZr3JpblfAGf8qgYVwrQ659tRe0TrjDhw2Gk1ep80tcYapIOovxbw/:LeaZr3nbN3gY9I9t/rvhwo1Q8nY5Hv
Score10/10-
Detect ZGRat V1
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-