General
-
Target
318b0b0864f1e59615ed7d141468a5c35ce58288423927106788ad479f8b885e
-
Size
289KB
-
Sample
241111-htjbastrht
-
MD5
60169a8cb09c484105a950ddf5e27870
-
SHA1
d23d812f02e264d12fa41705f2fd655c3ecdcfe4
-
SHA256
318b0b0864f1e59615ed7d141468a5c35ce58288423927106788ad479f8b885e
-
SHA512
a935647c2846622651bd26c4a85d7de8d087294782c6d7ec4468e96d9faca16acb140cfc59b7c459cd36e2a255a73f68a39f31a37bf46ac8638f14c8bad08fd6
-
SSDEEP
6144:avoqjzBltBvlWqEL+AOpjevb7A38VzZntXGPcsXC:avFjzbJQfA3ctXVQC
Static task
static1
Behavioral task
behavioral1
Sample
318b0b0864f1e59615ed7d141468a5c35ce58288423927106788ad479f8b885e.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
318b0b0864f1e59615ed7d141468a5c35ce58288423927106788ad479f8b885e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
nam5
103.89.90.61:34589
-
auth_value
543e073674533e6c674abb1adba6e5c7
Targets
-
-
Target
318b0b0864f1e59615ed7d141468a5c35ce58288423927106788ad479f8b885e
-
Size
289KB
-
MD5
60169a8cb09c484105a950ddf5e27870
-
SHA1
d23d812f02e264d12fa41705f2fd655c3ecdcfe4
-
SHA256
318b0b0864f1e59615ed7d141468a5c35ce58288423927106788ad479f8b885e
-
SHA512
a935647c2846622651bd26c4a85d7de8d087294782c6d7ec4468e96d9faca16acb140cfc59b7c459cd36e2a255a73f68a39f31a37bf46ac8638f14c8bad08fd6
-
SSDEEP
6144:avoqjzBltBvlWqEL+AOpjevb7A38VzZntXGPcsXC:avFjzbJQfA3ctXVQC
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Suspicious use of SetThreadContext
-