General
Target: 3cda369a2f6c8eb0b26616906158f613ff5ab0351f7b0e55852fa3c29b8a25fe
Size: 1.8MB
Sample: 241109-yk91natmfq
MD5: 8aed70b8a3d23b792ae9a2c4c8ae402e
SHA1: 1f77909a2a843894eac7a6a174df0ffd2a3b6bd0
SHA256: 3cda369a2f6c8eb0b26616906158f613ff5ab0351f7b0e55852fa3c29b8a25fe
SHA512: 1c3807251d3e77b5d4fd1104f1e593bfececd505c9e10a4bb205d6725fad4bc6bddc0c2b2309bb9b8b2f6d8cd8530c924488f0849b0beaca7237b3489d5e69e5
SSDEEP: 49152:sXV6J6fD5bG8bAm/EoN6gbR5Az/wCd9FlP+Re:QVm6flRkwDAUCd/lPx
Static task: static1

Behavioral task: behavioral1
Sample: fec0d6c1799c5cda897effd9e4b73dd74d82f7e034a87aea56c9851a0d167206.exe
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: fec0d6c1799c5cda897effd9e4b73dd74d82f7e034a87aea56c9851a0d167206.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted: redline
13fin
45.15.156.217:9279
auth_value: 1645d0b21b6f7323bae97845a7a835e2
Targets
Target: fec0d6c1799c5cda897effd9e4b73dd74d82f7e034a87aea56c9851a0d167206
Size: 626.6MB
MD5: e814d32708213c1c56d7d5e80093ceb4
SHA1: 8c205abcbcfbbe8afad42f5c85f6d3a503568c50
SHA256: fec0d6c1799c5cda897effd9e4b73dd74d82f7e034a87aea56c9851a0d167206
SHA512: cec475bb0004922b0a57ce82bc9cd701844f4e888fdf969c1ef8e592802b30f3652aa5c0a6f47913b0d5f93f2b083488fabd4457c1a16d0afbb1ae63d3d2c260
SSDEEP: 49152:Hh+ZkldoPK8Ya05pEswo/qCxAiXF+IKe:w2cPK80fqYAii
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Suspicious use of SetThreadContext