General
-
Target
9cb0123894725bbe0302fa1f1f7dd154dc2592f65081653a4f20cea36a9195dc
-
Size
1.9MB
-
Sample
241109-x7qd4azlfs
-
MD5
8bb94e79898429bd6ae438b7c679e88d
-
SHA1
2ea4fa7a9dfbb8d956e69c810ce6692efd82045e
-
SHA256
9cb0123894725bbe0302fa1f1f7dd154dc2592f65081653a4f20cea36a9195dc
-
SHA512
d8f6dda1aac7e989f7ebaefca16bd2f95dd739d6200f1b3e276cf9bfd00c2cc50fc65564d802861641e48191dff4d53121488bdd96e45dd653c61b703cfbdfe6
-
SSDEEP
49152:e06m7NpA0GNJ/lU+zJwZjvjcpT+gDEvTqb8Td/pP6F:eA7UJ/5zGZjvjcQgGqYJ
Static task
static1
Behavioral task
behavioral1
Sample
9cb0123894725bbe0302fa1f1f7dd154dc2592f65081653a4f20cea36a9195dc.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9cb0123894725bbe0302fa1f1f7dd154dc2592f65081653a4f20cea36a9195dc.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
@merlinholy
185.189.167.123:37360
-
auth_value
9c36b63cccb3eade62bdc17519c7bd37
Targets
-
-
Target
9cb0123894725bbe0302fa1f1f7dd154dc2592f65081653a4f20cea36a9195dc
-
Size
1.9MB
-
MD5
8bb94e79898429bd6ae438b7c679e88d
-
SHA1
2ea4fa7a9dfbb8d956e69c810ce6692efd82045e
-
SHA256
9cb0123894725bbe0302fa1f1f7dd154dc2592f65081653a4f20cea36a9195dc
-
SHA512
d8f6dda1aac7e989f7ebaefca16bd2f95dd739d6200f1b3e276cf9bfd00c2cc50fc65564d802861641e48191dff4d53121488bdd96e45dd653c61b703cfbdfe6
-
SSDEEP
49152:e06m7NpA0GNJ/lU+zJwZjvjcpT+gDEvTqb8Td/pP6F:eA7UJ/5zGZjvjcQgGqYJ
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Suspicious use of SetThreadContext
-