General
Target: c861261c18d3016009e78c4056691aa1369fdb54b7da2ee7ded00fd1d7a72f76
Size: 155KB
Sample: 241110-b1r4fszkaq
MD5: 2789f00ed78c7c7815adff8e109daa6b
SHA1: 9eaf3ae0478338dd4a1da54b71443627701a9619
SHA256: c861261c18d3016009e78c4056691aa1369fdb54b7da2ee7ded00fd1d7a72f76
SHA512: b7c5aa0b7fc2e41c9abd7288655f82cc57e67536bf26d49dfe1ba9b4cb5d40224871bc7a5e4053554e9edfa65fa6cd3b77e033a8bad37514362f8359a28d2f1a
SSDEEP: 3072:tkACnsIimChVBd6y2/lc7MXQSkPqwkR2ydNP/6kcD1GWy:tkPnsdmMVBn2/lc/SkF+Fchjy
Static task: static1
Behavioral task: behavioral1
  Sample: 9b298cb4d3f65ef31c181df51412ad0daaf56951e4e470f0be70d19e07577a61.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 9b298cb4d3f65ef31c181df51412ad0daaf56951e4e470f0be70d19e07577a61.exe
  Resource: win10v2004-20241007-en
Malware Config
Extracted: redline
TRY1
65.21.48.161:23507
auth_value: 42abb248a0e1f6ac4641c0d24bd36485
Targets
Target: 9b298cb4d3f65ef31c181df51412ad0daaf56951e4e470f0be70d19e07577a61.exe
Size: 1.3MB
MD5: 18f3bdf0c0f1be37b54ef2a414e10f92
SHA1: db3ff089e2b77a787aafdd566dbcf037c663a1a6
SHA256: 9b298cb4d3f65ef31c181df51412ad0daaf56951e4e470f0be70d19e07577a61
SHA512: cf09bc77c37544e97e9114aafd8c4ca4aea92bfed91bfb71355805e283ebd15a82d6ff0a7d0594a42f6545049e84e896bcf067ab41b3ae63c1ceb40379fdaf78
SSDEEP: 6144:067MlzO9w/WAF8jALfHU/6hDOSFqWIQYnQr:067MlzrPUyhaSE8
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Suspicious use of SetThreadContext