General
-
Target
d3c3ef0b2b6f337b4cdc482528f45b3f916423a70a9f811cc23bba0a1925febc
-
Size
177KB
-
Sample
241109-m3738swlcm
-
MD5
e0ba8282b1e457d34a374bc93b24fddc
-
SHA1
c3aaef83d4332f0fb424443c28e0a95e9c3cff94
-
SHA256
d3c3ef0b2b6f337b4cdc482528f45b3f916423a70a9f811cc23bba0a1925febc
-
SHA512
084cb7c9567fc0ad0363a4b3a1da9d2dbe266c9c986128cb4dc5a65dd20e0fa9996170c6ad2174e5276e72ab65b7bcd1616b9b08129aaa6209c31b1a1b9a554f
-
SSDEEP
3072:8q2eJzEGmMi+iik1wQ5VnPGaeZwUGpQcj2+q4215PkhzjK3uGvw8JUQYcx+CrQPf:CyzrGTHqQHnGwf92+q54hvOjFx+6Ez2E
Static task
static1
Behavioral task
behavioral1
Sample
b83e4d26b756a9e947750030ee3d3f942ce1163a1593c067d245321ae152d7a1.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
b83e4d26b756a9e947750030ee3d3f942ce1163a1593c067d245321ae152d7a1.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
5631065866_99
dragrun.top:28786
-
auth_value
8e0a1c9a030cc4c326c224fdeb62adbc
Targets
-
-
Target
b83e4d26b756a9e947750030ee3d3f942ce1163a1593c067d245321ae152d7a1.exe
-
Size
428KB
-
MD5
c26ef6474f3a55e5de9991431f0fd0a4
-
SHA1
6d3fd024c953cf7c29bd99023447af09c04e9083
-
SHA256
b83e4d26b756a9e947750030ee3d3f942ce1163a1593c067d245321ae152d7a1
-
SHA512
34fd28ccb1275d6356dff8a088301a867318f3695e8f417e53d435aacb618342dbca762111809f0a8a10a2feaa87cc3d7f0457b2d142cd9b42d5beec1474ce71
-
SSDEEP
6144:ZyulBKpG2sNOwIFq9kZFwYxTvHsEg2eIfMpo:Zy4IpGjN1IFSKFwYxvMfDr
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Suspicious use of SetThreadContext
-