General

Target: 71ee7896537b0fed44212b8df9568085013adf7dd5beb24b363f5a263a682229
Size: 389KB
Sample: 241107-jy959aydkg
MD5: c5d64fa5d90d3cf9321504a934b41839
SHA1: 88093a1d0d5efc74c0311c769189735b7d8abc37
SHA256: 71ee7896537b0fed44212b8df9568085013adf7dd5beb24b363f5a263a682229
SHA512: 723ec9ba02eaba54977d926248c601c23a3686b24098865f6dbe46288a9a0e623449a2404439b5a2cbb323d04373bb3d37e4a341a8fa763370372fbb8e9cf578
SSDEEP: 6144:am4dxganzHlvVtNMGmHfuAKMpxSAOMZw/m7o8Lxy6pR9a2uiy2s9M:atcanzHlvxMLSyLfR39a2SFM
Static task: static1

Behavioral task: behavioral1
  Sample: 71ee7896537b0fed44212b8df9568085013adf7dd5beb24b363f5a263a682229.exe
  Resource: win7-20240903-en

Behavioral task: behavioral2
  Sample: 71ee7896537b0fed44212b8df9568085013adf7dd5beb24b363f5a263a682229.exe
  Resource: win10v2004-20241007-en
Malware Config

Extracted: redline
11
79.137.202.18:45218
auth_value: 107e09eee63158d2488feb03dac75204
Targets

Target: 71ee7896537b0fed44212b8df9568085013adf7dd5beb24b363f5a263a682229
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine payload
- Redline family
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext