General
- Target: e4f22fce8bdeb8c1b6189ba8373d5887b366e5ad73bdad1b9b7b9344b6e8894d
- Size: 723KB
- Sample: 241109-xvndzazgnq
- MD5: 9222098c72af29bb782cfec2a6d5bb3b
- SHA1: a5f08d1fcf2b5824d6ca7a0ccf8600129130680a
- SHA256: e4f22fce8bdeb8c1b6189ba8373d5887b366e5ad73bdad1b9b7b9344b6e8894d
- SHA512: 85f59d2da6aa3ad294fb2ef6137258cc6a0ddc05be8ec2f3559348ade49e88d84bd441d804b8a7ad5afa2a1894732b67b93de6df32bce541d881abb951595ef1
- SSDEEP: 12288:zQfr26UZpkBqzSsQBmUQEI2yEicJZv7EWZ0ehSFjKiVpuaUiazGYuuwRlSepRijd:zQfrxUZpkBqB/Ei+ZzEWZzyKn+wsq
Static task: static1
Behavioral task: behavioral1
- Sample: e4f22fce8bdeb8c1b6189ba8373d5887b366e5ad73bdad1b9b7b9344b6e8894d.exe
- Resource: win7-20241010-en
Behavioral task: behavioral2
- Sample: e4f22fce8bdeb8c1b6189ba8373d5887b366e5ad73bdad1b9b7b9344b6e8894d.exe
- Resource: win10v2004-20241007-en
Malware Config
Extracted
- redline
- Google2
- 167.235.71.14:20469
- auth_value: fb274d9691235ba015830da570a13578
Targets
- Target: e4f22fce8bdeb8c1b6189ba8373d5887b366e5ad73bdad1b9b7b9344b6e8894d
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Suspicious use of SetThreadContext