General
Target: 53661074d0a6b4e280ebac14d61444984eb1513dd4a63e32d077d291f2167549.exe
Size: 203KB
Sample: 241121-earlsayhnl
MD5: f22739fd155f021421ffe74f053a4507
SHA1: 84744009bf109831025c1ac0262749f23c3f29c6
SHA256: 53661074d0a6b4e280ebac14d61444984eb1513dd4a63e32d077d291f2167549
SHA512: 7de9b4997fd205b135d042d6a65df7d4a008f10be41a75d55688c7dc4e14902186e9f88fc4a68d6ef60696b2c15b3a53c7d118de24f217c03e55de9f981cbe0e
SSDEEP: 3072:Lma2Tw13jglOswfrLya3ApH+CNekWJnU0mPjd76ootSc/3smYMXrv:Ln2J1wfrLyaIeCNpWOPjd4BEdu
Behavioral task: behavioral1
Sample: 53661074d0a6b4e280ebac14d61444984eb1513dd4a63e32d077d291f2167549.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 53661074d0a6b4e280ebac14d61444984eb1513dd4a63e32d077d291f2167549.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted family: redline
C2: 37.252.9.247:37711
auth_value: 026e3efe08173cd9cc43c61448ed20f6
Targets
Target: 53661074d0a6b4e280ebac14d61444984eb1513dd4a63e32d077d291f2167549.exe (hashes as listed under General above)
Score: 10/10

Signatures
- Gurcu family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Suspicious use of SetThreadContext