General
-
Target
6f89400fec4650df06752dd42288a1a3e231e0b4
-
Size
301KB
-
Sample
241109-yjp9vstmdm
-
MD5
23ff76d397a0f9ed441b63a21f879a14
-
SHA1
6f89400fec4650df06752dd42288a1a3e231e0b4
-
SHA256
ab775442208874566eeb6aa864c71e6328a683925b51ab87ee5539437979d6fb
-
SHA512
75506892a486046c9a60229bd327aa628c343b21fb8b85659d113c04d3ad54eb4f6c219686b69813a90b04df8b56e82064f78af9b621be72a024e40c6544e481
-
SSDEEP
6144:S9oAdBhXnbCib7zW7hAOltIcT+oxAxUp401zA5ZNo:SGAdB94NqctKaVm57o
Static task
static1
Behavioral task
behavioral1
Sample
6f89400fec4650df06752dd42288a1a3e231e0b4.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
6f89400fec4650df06752dd42288a1a3e231e0b4.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
9-5
139.99.32.83:43199
-
auth_value
637de2b47f42d9cc7912f71cb6b57b5b
Targets
-
-
Target
6f89400fec4650df06752dd42288a1a3e231e0b4
-
Size
301KB
-
MD5
23ff76d397a0f9ed441b63a21f879a14
-
SHA1
6f89400fec4650df06752dd42288a1a3e231e0b4
-
SHA256
ab775442208874566eeb6aa864c71e6328a683925b51ab87ee5539437979d6fb
-
SHA512
75506892a486046c9a60229bd327aa628c343b21fb8b85659d113c04d3ad54eb4f6c219686b69813a90b04df8b56e82064f78af9b621be72a024e40c6544e481
-
SSDEEP
6144:S9oAdBhXnbCib7zW7hAOltIcT+oxAxUp401zA5ZNo:SGAdB94NqctKaVm57o
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Suspicious use of SetThreadContext
-