General
  Target: df3eaa545b4ea760919cf931af960521
  Size: 1.5MB
  Sample: 241109-mlfbwsvrgp
  MD5: df3eaa545b4ea760919cf931af960521
  SHA1: 5cbc5677328a48773cd843f8baae8012c932691f
  SHA256: 1c515ba8bd1319594bc5ef7f306c52b32d08d7aea0531f87d60b40b2ed797c51
  SHA512: 7ad0f78125cd19a395ea1385212fce91c675686958afb796ead2cff342645e43bab32836327e1b9a1cdbab38ee7d040b6290776d7950cf587746aa1a885273a2
  SSDEEP: 24576:evIr7w5P2yy5PCdNU6krlzxpdowqJcZKhS7p1KMuLwpcp/Ibt9aB7:evO7Y2yWb6krFxpdowqJcZKhS7pqLwpc
Static task: static1

Behavioral task: behavioral1
  Sample: 3fd1e5924ec48bb5abc6243cf1641e5f0323ab68d494e5c412a830e45f1e36d7.exe
  Resource: win7-20240903-en

Behavioral task: behavioral2
  Sample: 3fd1e5924ec48bb5abc6243cf1641e5f0323ab68d494e5c412a830e45f1e36d7.exe
  Resource: win10v2004-20241007-en
Malware Config
  Extracted: redline
  FTX
  199.34.18.18:48587
  auth_value: 9e0934b1c6ab3552898af5bcbd95ed44
Targets
  Target: 3fd1e5924ec48bb5abc6243cf1641e5f0323ab68d494e5c412a830e45f1e36d7.exe
  Size: 1.7MB
  MD5: 1043817d0d592f519cadf46caf36d1c6
  SHA1: 2164d3cbfaebd2a58adf3e1ad06ed5f6e4ead928
  SHA256: 3fd1e5924ec48bb5abc6243cf1641e5f0323ab68d494e5c412a830e45f1e36d7
  SHA512: 197576a9a1821b4d517166c6df55879a2949a500920babcb6641b99b761db92eb68b58abace0ec92e527cdd871ceab3632374eb030ba8da5cd2d8a5ec9147675
  SSDEEP: 24576:6IuBu5SsFqHllFMco/TSBGIR3AwCctJqSXpnKycHVP5XUbme:6zBu5SsFUlFcbSAVwfZKL1REm
  Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  - RedLine payload
  - Redline family
  - Suspicious use of SetThreadContext