General
Target: Aura.exe
Size: 493KB
Sample: 240629-lfeyhaxfrk
MD5: 7e7b8be8a1f1ef05c932ea1e8eab6590
SHA1: f790227a5148d6cba037c24643306f330c6fe5f4
SHA256: c7383b039d569cc256026d6b7985bb763f36530708bca3e4f82fa130d2d7dfbb
SHA512: c57fc80bf97309ca887c88526fc586b080d47c4f2ebe611d40f94f48c0af2b7c56cec19f0379a5bc27bd6a0e2f75bdb7953c05bcc1069633812bbd22649ef890
SSDEEP: 12288:qGlz1vS9p1+kOwILHmKfZcBg688m/Iezfihoto8:qyNSgJqBg6NmAeehn
Static task: static1
Behavioral task: behavioral1
Sample: Aura.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: Aura.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
redline
@hitok4111
94.228.166.68:80
Targets
Target: Aura.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext