General
Target: 1afefe979cb11e53a22172f046680513dabe1bd877746ac21e2f67f02f28151e
Size: 593KB
Sample: 241109-mefdba1rfv
MD5: cca17c48d5d42c205f1add433db88280
SHA1: 550049faec266c0afe46afcaeddeaeca21f64595
SHA256: 1afefe979cb11e53a22172f046680513dabe1bd877746ac21e2f67f02f28151e
SHA512: e951db7413af64265296391688b4e9825c857d9ada144d447a7f6fec134086bdfe4238e15196c63aa91e070a28e9ee90400041a4dc00da87a9a7566f973d89d5
SSDEEP: 12288:gLow6+HZV0s/raPkqYI8AdqmHkks5y3Aa/LyecXXzzGi:gLoMjeb8Ad/k950ZpcXX//
Static task: static1
Behavioral task: behavioral1 (Sample: setup.exe, Resource: win7-20240729-en)
Behavioral task: behavioral2 (Sample: setup.exe, Resource: win10v2004-20241007-en)
Malware Config
Extracted: redline
@dxpex
185.11.73.34:18717
auth_value: 7d71dc2486a2f78d8097fa5a22e9ed30
Targets
Target: setup.exe
Size: 600KB
MD5: 52be306b77fc18e2db2ad3ec7d08f008
SHA1: 4d75fe2be99acd65d3276be87f553aa54457d38c
SHA256: 0597ad3f1805bbfaf14910f21aa830c489ec9fe2876407e3cbb24f60b364acd4
SHA512: 7b2d464c1fd823f0fb65d28ebb9d2d660af3d55e14eb5bb21672be558d6ddd5ba2efba20a1eb0832a7b179cac8376972552bee831dc621e9a02b19b6fc1b9177
SSDEEP: 12288:9zpAD4jTzVbgoJ6k/P2RNlZGzQS03ULaHNqrxlKIQNoxcd/BlZk8gKt:9Vq47VbXZ/ORvZGzkEaHNYK3Mcd5lgu
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Suspicious use of SetThreadContext