General
Target: aa1478441fd4bc715338f2fd85b4dc85
Size: 719KB
Sample: 241111-bx95vszamr
MD5: aa1478441fd4bc715338f2fd85b4dc85
SHA1: 32a1d11dab5a9e31f3f9c0bdf20d7aff83a671f4
SHA256: e1e5b0c1a6e6bd88494c11fe5e9db4d3c12d27c2ce909070eadb68f609bddf0b
SHA512: 79c1fa2558653a9ca390d736538fec761694a5ab3f26e1cc45df2f94ab6452df5ef68da8e2e7efe9f8df307dee17696a28c202bd81db828e5994abab1217aa33
SSDEEP: 12288:kgBtLZA7fsuwp1ZFNi2IEiCBq9TsfcXLnx0/TW5PudT+BZk0wrXfzOd2IBdKWT:kqtLZA7fjEiCBqx6gLoTW5nk0abOkQ
Static task: static1
Behavioral task: behavioral1, sample aa1478441fd4bc715338f2fd85b4dc85.exe, resource win7-20240903-en
Behavioral task: behavioral2, sample aa1478441fd4bc715338f2fd85b4dc85.exe, resource win10v2004-20241007-en
Malware Config
Extracted
Family: redline
Botnet: 76
C2: 139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c
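The extracted configuration gives a responder two concrete things to sweep for: the C2 endpoint and the sample's digests. The Python below is an added example, not part of this report and not sandbox or RedLine code. It runs both checks offline over constructed input (a few Zeek-style conn.log rows and a small EDR file inventory, all made up for the demo); only the IOC values are taken from the report, and the host names, paths and flow records are assumptions.

```python
"""IOC sweep for the RedLine sample in this report.

Added example, not Tria.ge or RedLine code. It answers the two questions a
responder asks first: which hosts talked to the extracted C2, and which hosts
hold a file whose hashes match the sample. The log rows and inventory below
are constructed for the demo; only the IOC values come from the report.
"""
import hashlib

# IOCs copied from the report above.
SAMPLE_HASHES = {
    "md5": "aa1478441fd4bc715338f2fd85b4dc85",
    "sha1": "32a1d11dab5a9e31f3f9c0bdf20d7aff83a671f4",
    "sha256": "e1e5b0c1a6e6bd88494c11fe5e9db4d3c12d27c2ce909070eadb68f609bddf0b",
}
C2_IP, C2_PORT = "139.99.32.83", 43199

# Constructed Zeek-style conn.log rows (tab separated):
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
CONSTRUCTED_CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\n"
    "1731300001.1\tCx1\t10.0.0.15\t49210\t139.99.32.83\t43199\ttcp\n"
    "1731300002.2\tCx2\t10.0.0.16\t49211\t142.250.74.78\t443\ttcp\n"
    "1731300003.3\tCx3\t10.0.0.18\t49212\t139.99.32.83\t80\ttcp\n"
)

# Constructed EDR file inventory: (hostname, path, sha256 as reported by the agent)
CONSTRUCTED_INVENTORY = [
    ("ws-15", r"C:\Users\a\Downloads\setup.exe", SAMPLE_HASHES["sha256"].upper()),
    ("ws-16", r"C:\Windows\System32\notepad.exe", "0" * 64),
]


def c2_hits(conn_log):
    """Return (uid, orig_h, confidence) for every flow to the C2 host.

    'exact'   = responder IP and port both match the extracted C2.
    'ip_only' = same IP, different port; not proof, but the same VPS often
                serves a panel or a second build, so it is worth a look.
    """
    hits = []
    for line in conn_log.splitlines():
        if not line or line.startswith("#"):
            continue
        _ts, uid, orig_h, _orig_p, resp_h, resp_p, _proto = line.split("\t")
        if resp_h != C2_IP:
            continue
        confidence = "exact" if int(resp_p) == C2_PORT else "ip_only"
        hits.append((uid, orig_h, confidence))
    return hits


def hash_bytes(data):
    """Digest a file body the way the report lists it (MD5, SHA1, SHA256)."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def is_sample(data):
    """True only if all three digests agree with the report; MD5 alone is too
    weak to act on, so a partial match is treated as no match."""
    return hash_bytes(data) == SAMPLE_HASHES


def inventory_hits(inventory):
    """Hosts holding a file whose SHA256 equals the sample's (case-insensitive)."""
    want = SAMPLE_HASHES["sha256"]
    return [(host, path) for host, path, sha in inventory if sha.lower() == want]


def triage(conn_log=CONSTRUCTED_CONN_LOG, inventory=CONSTRUCTED_INVENTORY):
    """Split affected systems into 'isolate now' and 'review' buckets."""
    isolate, review = set(), set()
    for _uid, orig_h, confidence in c2_hits(conn_log):
        (isolate if confidence == "exact" else review).add(orig_h)
    for host, _path in inventory_hits(inventory):
        isolate.add(host)
    return {"isolate": sorted(isolate), "review": sorted(review - isolate)}


if __name__ == "__main__":
    print(triage())
```

Run as a script it prints the two buckets for the constructed data. Swap `CONSTRUCTED_CONN_LOG` for real conn.log text and the inventory for an EDR hash export to use it on a live case; the IP-only bucket exists because a C2 operator's host often answers on more than the one port the extractor saw.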
Targets
Target: aa1478441fd4bc715338f2fd85b4dc85
Size: 719KB
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures
RedLine payload
Redline family
Suspicious use of SetThreadContext (the API that rewrites another thread's register state; in a sandbox trace it is the usual marker of a payload being written into a suspended process and having its entry point redirected, so the injected process, not only the dropped .exe, should be checked for the C2 connection)