General
Target: 73d897ece0ff8488c8fc0e1e6762dfd07a2a7845
Size: 507KB
Sample: 241109-yvd1za1ejk
MD5: ab49c2ca3305c4c3bc186410806d6592
SHA1: 73d897ece0ff8488c8fc0e1e6762dfd07a2a7845
SHA256: 3296baf533d18918548036af51b7f0091c6e605cdf15977d6a8ec5d8acd1a25e
SHA512: f3db78152a3fc60a56e98d1b45045d757a568ef0c856996c37b1a0bff7aa8ae784e9b28aa46a8326fefa3fa26115e6311d348256287e54f2a2600eabdfcb9003
SSDEEP: 12288:UJtzAvBGK6Fo9KR0FUhCsRyIHPj3KVvGQ7WA4rfqNkESa5Vs0x:UJOPiPRyIvj4KRONke

Static task: static1

Behavioral task: behavioral1
Sample: 514b153fab40eaa4af3da65815555d38dadd1a82dfa69c984e8a1a7bd52d0912.exe
Resource: win7-20241023-en

Behavioral task: behavioral2
Sample: 514b153fab40eaa4af3da65815555d38dadd1a82dfa69c984e8a1a7bd52d0912.exe
Resource: win10v2004-20241007-en

Malware Config
Extracted: redline
193.106.191.160:8673
auth_value: b452e7074eb79e37fc942576d3e3c701

Targets
Target: 514b153fab40eaa4af3da65815555d38dadd1a82dfa69c984e8a1a7bd52d0912.exe
Size: 1.2MB
MD5: 0d68db093491340bc76ffa5a0c26ff5a
SHA1: 1e9d6fb6425bf3313add5000c3f12c542011ec65
SHA256: 514b153fab40eaa4af3da65815555d38dadd1a82dfa69c984e8a1a7bd52d0912
SHA512: 4cface11ff638170910a5183a9ae875feff493beb6267f0504e62041f02cdb12d5e59a4b6ab6f3bc5f711aad686efd456d138f385724cde8cc8da3f2b593401e
SSDEEP: 24576:R0lMPffCqhz0+jYiYWl+t8KMEHJF+AxKf1PnqFMC+fuPO+v6YT:R0lMPHbl0TGkNrG+fT
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Suspicious use of SetThreadContext