General
Target: 218b9377914acc562ca8ccad9a110b3b939e5c4982f6c64beb292d64d73f9596
Size: 390KB
Sample: 241109-xtn9wasrcr
MD5: 9f822d1c2518aa50dd8c38face37ee70
SHA1: fecd363717dcf0c3738221bdf7743f964922c620
SHA256: 218b9377914acc562ca8ccad9a110b3b939e5c4982f6c64beb292d64d73f9596
SHA512: 20a1af60f7a731b189890c9934709d1ce75067d8b0665692c97380e738a29cded3907c1de57df549a05d67003902c0218be415e116c6c17d55f809f96c241d74
SSDEEP: 12288:QQtVZJp0BG3x85VKFr+IG8jLyR5DgBGdDEJ/BCi:lhJ3Rp
Static task: static1
Behavioral task: behavioral1
Sample: 218b9377914acc562ca8ccad9a110b3b939e5c4982f6c64beb292d64d73f9596.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 218b9377914acc562ca8ccad9a110b3b939e5c4982f6c64beb292d64d73f9596.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
0988765
93.115.20.139:28978
auth_value: 834c1ab8c6df85027b5cf1579537b485
Targets
Target: 218b9377914acc562ca8ccad9a110b3b939e5c4982f6c64beb292d64d73f9596
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Suspicious use of SetThreadContext