General
-
Target
1918e39f86134f9bc8ac8d07c90a4116af7376b3dae61d774d0385eb9641655f
-
Size
1.9MB
-
Sample
241109-1ds5nsvrap
-
MD5
b47ef9ff8493403098a97a8093edba36
-
SHA1
0dd8130190538f058467d2aaf5a63e28010ba85f
-
SHA256
1918e39f86134f9bc8ac8d07c90a4116af7376b3dae61d774d0385eb9641655f
-
SHA512
eac6dba5421b29aaeaa43cf5bc9a3a2bf2a900a0cee1733b95d4bf3295970f9e99f8de5f3586f733ce83bad8fc1a66040f16659f4a05bc446749983fbb93d528
-
SSDEEP
49152:e06m7NpA0GNJ/lU+zJwZjvjcpT+gDEvTqb8Td/pP6F:eA7UJ/5zGZjvjcQgGqYJ
Static task
static1
Behavioral task
behavioral1
Sample
1918e39f86134f9bc8ac8d07c90a4116af7376b3dae61d774d0385eb9641655f.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
1918e39f86134f9bc8ac8d07c90a4116af7376b3dae61d774d0385eb9641655f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
@merlinholy
185.189.167.123:37360
-
auth_value
9c36b63cccb3eade62bdc17519c7bd37
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Suspicious use of SetThreadContext
-