General
Target: 116c606c17de79c45fa45110ab305122b8c8915125ec48b950e7ddc556ea6304
Size: 389KB
Sample: 241107-pwx1sssepq
MD5: 87959ca1627e213bb517ca964fab49fd
SHA1: 3c0f28d61071e2aa903a82cb3dda6b63762c8701
SHA256: 116c606c17de79c45fa45110ab305122b8c8915125ec48b950e7ddc556ea6304
SHA512: 72562caf68b4d5059c9a76aa9b9f601b4b702845a917e5d22d9544f39dadd156d7b4b217756dc31288bd663d8a40d8d074bcac55ee503234cc81a2e58ff253bd
SSDEEP: 6144:Am4dxganzHlvVtNMGmHfuAKMpxSAOJnafoA1BFKZToX+kBPxf39M:AtcanzHlvxMLSb+f0axlM
Static task: static1
Behavioral task: behavioral1
Sample: 116c606c17de79c45fa45110ab305122b8c8915125ec48b950e7ddc556ea6304.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 116c606c17de79c45fa45110ab305122b8c8915125ec48b950e7ddc556ea6304.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted family: redline
Botnet: 11
C2: 79.137.202.18:45218
auth_value: 107e09eee63158d2488feb03dac75204
Targets
Target: 116c606c17de79c45fa45110ab305122b8c8915125ec48b950e7ddc556ea6304
Size: 389KB
MD5: 87959ca1627e213bb517ca964fab49fd
SHA1: 3c0f28d61071e2aa903a82cb3dda6b63762c8701
SHA256: 116c606c17de79c45fa45110ab305122b8c8915125ec48b950e7ddc556ea6304
SHA512: 72562caf68b4d5059c9a76aa9b9f601b4b702845a917e5d22d9544f39dadd156d7b4b217756dc31288bd663d8a40d8d074bcac55ee503234cc81a2e58ff253bd
SSDEEP: 6144:Am4dxganzHlvVtNMGmHfuAKMpxSAOJnafoA1BFKZToX+kBPxf39M:AtcanzHlvxMLSb+f0axlM
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
RedLine payload
Redline family
Uses the VBS compiler for execution
Suspicious use of SetThreadContext