General
- Target: 906820c3da391aa6c0b53b44ba67a5fb
- Size: 300KB
- Sample: 241109-yl8h8a1cnq
- MD5: 906820c3da391aa6c0b53b44ba67a5fb
- SHA1: 3d65c9f4956890abf5d2ddd78dcf0206d285335c
- SHA256: d97cb558c1d67a532b0653c37656c2c70b5321e464a79b788bb8a0ea6c05e114
- SHA512: 6166541d9924d0c4d4cf54e85c803de87cdd9f83eadb3ba286cafe5ad9bd6a2bc8406bbf17a74f701b6515bedf1388cc1f77a43d2a1481cce1f8a5c046bcca02
- SSDEEP: 6144:GvxlVJyUAdJNAAK4rcnrAoABAOj7i+yEkiMP0+p57Z:GJlVJyUAj/cSBZ7LWrZ
Static task
- static1

Behavioral task
- behavioral1
  - Sample: 906820c3da391aa6c0b53b44ba67a5fb.exe
  - Resource: win7-20241010-en

Behavioral task
- behavioral2
  - Sample: 906820c3da391aa6c0b53b44ba67a5fb.exe
  - Resource: win10v2004-20241007-en
Malware Config
Extracted
- Family: redline
- Botnet: nam5
- C2: 103.89.90.61:34589
- auth_value: 543e073674533e6c674abb1adba6e5c7
Targets
- Target: 906820c3da391aa6c0b53b44ba67a5fb
- Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
- RedLine payload
- Redline family
- Suspicious use of SetThreadContext