General
-
Target
f34ff4756a0e299c19cb501c105608021e35fed1
-
Size
289KB
-
Sample
241109-znh7savlgr
-
MD5
d9aeedafd4aba0e4e0d1efc70b6d4852
-
SHA1
f34ff4756a0e299c19cb501c105608021e35fed1
-
SHA256
67be8a54f43a6fd55948e79c445ffe91da7b840a3016a69ad91a4cdf2fddd877
-
SHA512
195371ee67376f5b5a490eb70199036f59385e4679519b07c6d884e2e1e82e2cb46d5d45b4974ca3da965c46a0e01344ccb215378d2cdb5e28532578e6b88571
-
SSDEEP
6144:8XoqjzBltBvlWqEL+AOqgok19OM/cSgQL3x2RyXC:8XFjzbJwgok19ZbsmC
Static task
static1
Behavioral task
behavioral1
Sample
f34ff4756a0e299c19cb501c105608021e35fed1.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
f34ff4756a0e299c19cb501c105608021e35fed1.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
nam5
103.89.90.61:34589
-
auth_value
543e073674533e6c674abb1adba6e5c7
Targets
-
-
Target
f34ff4756a0e299c19cb501c105608021e35fed1
-
Size
289KB
-
MD5
d9aeedafd4aba0e4e0d1efc70b6d4852
-
SHA1
f34ff4756a0e299c19cb501c105608021e35fed1
-
SHA256
67be8a54f43a6fd55948e79c445ffe91da7b840a3016a69ad91a4cdf2fddd877
-
SHA512
195371ee67376f5b5a490eb70199036f59385e4679519b07c6d884e2e1e82e2cb46d5d45b4974ca3da965c46a0e01344ccb215378d2cdb5e28532578e6b88571
-
SSDEEP
6144:8XoqjzBltBvlWqEL+AOqgok19OM/cSgQL3x2RyXC:8XFjzbJwgok19ZbsmC
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Suspicious use of SetThreadContext
-