General
-
Target
fcb8a4b3ced65bf7537560f8062658cf6e99ebf5eb8ec9a7e73cc347359896b8
-
Size
192KB
-
Sample
241109-ym6q1s1cqq
-
MD5
b4db4ae93a17d8d4d335f6f903a91ad7
-
SHA1
3e24a5ccd18d77266fd2417d960048b12169649c
-
SHA256
fcb8a4b3ced65bf7537560f8062658cf6e99ebf5eb8ec9a7e73cc347359896b8
-
SHA512
bbf3227c7a55b72f98be8fc5384f26db7c677e985eda75cc907598d13bb41706599f2f89c18e3fe2c6a8999483c5a78c54dcde8fe79e9543f0c3233737c756ee
-
SSDEEP
6144:n2YnhYdPG8XLBgSwsohaRdlT165z8Kep9v:nTn2dPBtgS8hAdPO8Ku
Static task
static1
Behavioral task
behavioral1
Sample
340bb878ef89813c76d3e1e707f376ee7d1542b0a8d3fb43ef683b568e8a6e27.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
340bb878ef89813c76d3e1e707f376ee7d1542b0a8d3fb43ef683b568e8a6e27.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
135.181.173.163:4326
-
auth_value
a909e2aaecf96137978fea4f86400b9b
Targets
-
Target
340bb878ef89813c76d3e1e707f376ee7d1542b0a8d3fb43ef683b568e8a6e27.exe
-
Size
1.2MB
-
MD5
10a20cee622c86d4c18b844bd5152615
-
SHA1
7cf1b7eb424408c3cd0bbbad4badda09dad1914d
-
SHA256
340bb878ef89813c76d3e1e707f376ee7d1542b0a8d3fb43ef683b568e8a6e27
-
SHA512
5d7e66ad5103a73c6d66694681f03bb9ba9665315828da4432944081a679e5a10728d97887ad53e085791d7d62858916e42be57a59c5a32e4c97a8c242e87254
-
SSDEEP
12288:9abzQlv3Q4f6uyBYk7n5Bbdh+kF7tGGlvU:miv3Qqqbf9U
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Suspicious use of SetThreadContext
-