General
Target: 2397e2acb9a45df24ce1dc2eb7129177257d3a585c765a51c5bf8f7797611c06
Size: 937KB
Sample: 241109-1tjaeawlaq
MD5: 2ef24b675e227a88c54be09a51f6bbf7
SHA1: e498eedd68be3a19d148c4f91dcaaedc0cdac146
SHA256: 2397e2acb9a45df24ce1dc2eb7129177257d3a585c765a51c5bf8f7797611c06
SHA512: 532e3cadf1b5303d216355d77092759c3308110b7310e257bdcafc855f1fdb35619fa55702a1dfa1a3376be0865e1cac802404d954b9df35d64a70e4396e2eed
SSDEEP: 24576:2OHtsct4XhXF+bE4KQepSU4YZM2K7Xt3tUnxh2VOUjAZHv:2SCcWp7nl4YZM2K7X1Cnxh9
Static task: static1
Behavioral task: behavioral1
Sample: 860fcbbd9da42334429db9b46d96121091f0accac3ac1a8b5c2615039f00b657.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: 860fcbbd9da42334429db9b46d96121091f0accac3ac1a8b5c2615039f00b657.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted: redline
@lowwifi
185.189.167.123:37360
auth_value: 8b9b49cc37bda909a48c4ba6b4702e99
Targets
Target: 860fcbbd9da42334429db9b46d96121091f0accac3ac1a8b5c2615039f00b657
Size: 1.8MB
MD5: f244313bf4a7727eaa0a1cef4b83fc9c
SHA1: 542f8e0096a7a8cea02f5e16a80f7ee7087f8385
SHA256: 860fcbbd9da42334429db9b46d96121091f0accac3ac1a8b5c2615039f00b657
SHA512: 4f35dec8e7acaeb8b24c66b62a59c1fa8db97844f4785c4a2b44e19144711ae23b445fc538ae68b3649a8896078ff62cf0c169bfc833a2d2c8b04435315c688f
SSDEEP: 49152:QYpDxT293hpKIOenB4V2GSSeVbv2N2O90TTNag1:FChpKIOe8eSeVbv8NGEM
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Suspicious use of SetThreadContext