General
Target: b3dbaac1d97a60a6134ea0a30ebbd12356ee41bd940d652f9fd0648f654f360d
Size: 9.1MB
Sample: 241109-y58cka1glm
MD5: f7b955d763cc1826220937fb4f029395
SHA1: 0cbf104568d2c5ae3732ab2e22617c26636b1da8
SHA256: b3dbaac1d97a60a6134ea0a30ebbd12356ee41bd940d652f9fd0648f654f360d
SHA512: 41a995df1f077bc7288ddf8e2d6f00fc638882f34b1594c1c6032af07bc62ccb0cf46c3f96e7da1701a5d111c6be1cd803473c8ba1df88d01e7bc993afaae3bd
SSDEEP: 196608:WTAQPJC79VHabA7WT8N1BxYS7FQiJkDxc7NhltGsLHX7qgQcBTTH:rQPJqPsA7E8RxYE+iJu+7NhJL+gFH
Static task: static1
Behavioral task: behavioral1
  Sample: setup.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: setup.exe
  Resource: win10v2004-20241007-en
Malware Config
Extracted: redline
@dxpex
185.11.73.34:18717
auth_value: 7d71dc2486a2f78d8097fa5a22e9ed30
Targets
Target: setup.exe
Size: 600KB
MD5: 52be306b77fc18e2db2ad3ec7d08f008
SHA1: 4d75fe2be99acd65d3276be87f553aa54457d38c
SHA256: 0597ad3f1805bbfaf14910f21aa830c489ec9fe2876407e3cbb24f60b364acd4
SHA512: 7b2d464c1fd823f0fb65d28ebb9d2d660af3d55e14eb5bb21672be558d6ddd5ba2efba20a1eb0832a7b179cac8376972552bee831dc621e9a02b19b6fc1b9177
SSDEEP: 12288:9zpAD4jTzVbgoJ6k/P2RNlZGzQS03ULaHNqrxlKIQNoxcd/BlZk8gKt:9Vq47VbXZ/ORvZGzkEaHNYK3Mcd5lgu
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Suspicious use of SetThreadContext