General
Target: 18cc5b072b4e0e2776efc2a629ffde2a
Size: 148KB
Sample: 241109-y19pts1fpc
MD5: 18cc5b072b4e0e2776efc2a629ffde2a
SHA1: bfff213e4e61e12c395b945406f8f8a7eca32e24
SHA256: 4d69923a19bf71456cec95773df6618eb226c7522eff306a0fb117fda137f2c3
SHA512: e3dad34f1adff80d6e174680d788b127ca042d95ecbf5bdff8d43cc1a6bf6e28b0280fb74824d13ec2670e96b64921c1f8e3849ea20153891c8de8a7b51c45ed
SSDEEP: 3072:5EyCHi6sTGyqOOft/rlJkjxtGXuvcSwnvehxACDHUBHpJFUh:Cygqi8UDaja+kJvMxXDHsJFUh
Static task: static1
Behavioral task: behavioral1
  Sample: 6246f7af345ac_Fri13b7f06884.exe
  Resource: win7-20241023-en
Behavioral task: behavioral2
  Sample: 6246f7af345ac_Fri13b7f06884.exe
  Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
same
116.202.106.111:9582
auth_value: 6fcb28e68ce71e9cfc2aae3ba5e92f33
Targets
Target: 6246f7af345ac_Fri13b7f06884.bin
Size: 315KB
MD5: 84e9047be9d225a784b8855640a6d034
SHA1: deadecb0340b58236fd4e6127b0a545c47e7393e
SHA256: 40fd6365f236050b75bd96ad7cab07c6b6875ce2c76016499bed58e5a27ef0de
SHA512: 8a721f423f61504bf0de5acedf37a5e48d8f8e7d74a547f1865904e168622a075d64f1bb7b2aa8f150a0eb0d1e035d342d5268b4ab460c18713ce6425330da50
SSDEEP: 3072:Lz3BD0gFqkBzwLlTTff4O56JYgdH9/8q61in7TiMFQbGDDMxj2fFkaUNsxed9+Rv:LNsJA/8q6AXHDvuHr3OslF3ZvJsI
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Suspicious use of SetThreadContext