General
-
Target
abc95cae37b9182d50bd4e682da95504af7ae1cb1433f85a31df20c3e7c5dad6.exe
-
Size
383KB
-
Sample
241123-pzs61svmes
-
MD5
75a974862d5d04cc57b6dd1e32763ad7
-
SHA1
bcf8eb98cfef79cafb4733944cbf78dc1f1c69e2
-
SHA256
abc95cae37b9182d50bd4e682da95504af7ae1cb1433f85a31df20c3e7c5dad6
-
SHA512
ed774772a5dde6d50465e974e64612ad8ad148bdd80b7cbe70778d5b7ead8801a14cc2644cd83150d507862e0260733088f6c07e1961a16a02ca7a6b6db9af1f
-
SSDEEP
6144:G29XY1Hq1AlaqaoAVzfeOHavspTulZfW4OcjmvXZjSxaR:t9XCHeAlaqaohOHavspTulZfW4OcjmvN
Static task
static1
Behavioral task
behavioral1
Sample
abc95cae37b9182d50bd4e682da95504af7ae1cb1433f85a31df20c3e7c5dad6.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
abc95cae37b9182d50bd4e682da95504af7ae1cb1433f85a31df20c3e7c5dad6.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
jjfuck
135.181.129.119:4805
-
auth_value
b69102cdbd4afe2d3159f88fb6dac731
Targets
-
-
Target
abc95cae37b9182d50bd4e682da95504af7ae1cb1433f85a31df20c3e7c5dad6.exe
-
Size
383KB
-
MD5
75a974862d5d04cc57b6dd1e32763ad7
-
SHA1
bcf8eb98cfef79cafb4733944cbf78dc1f1c69e2
-
SHA256
abc95cae37b9182d50bd4e682da95504af7ae1cb1433f85a31df20c3e7c5dad6
-
SHA512
ed774772a5dde6d50465e974e64612ad8ad148bdd80b7cbe70778d5b7ead8801a14cc2644cd83150d507862e0260733088f6c07e1961a16a02ca7a6b6db9af1f
-
SSDEEP
6144:G29XY1Hq1AlaqaoAVzfeOHavspTulZfW4OcjmvXZjSxaR:t9XCHeAlaqaohOHavspTulZfW4OcjmvN
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Suspicious use of SetThreadContext
-