General
-
Target
18fd0471029adc5a608cc7c442a97f3a.exe
-
Size
355KB
-
Sample
240701-bjxyda1gld
-
MD5
18fd0471029adc5a608cc7c442a97f3a
-
SHA1
74854bda1aa3e60c3b6f58e8f77882ac7f958486
-
SHA256
1e92e176dd94bb165b9ac9a391ed84ad473ae69a44139d2f9765dd56974cee0d
-
SHA512
9cc462178cf8b63b27de90998c3a8cc722cec0bbde604e66482510c3888a78b1e869b4d3e7195c3361bb7fce43392c204c5b760948afd3bbddd6ee225bb61e00
-
SSDEEP
6144:MM/FgKFH4ZtKyKtHFrO/ODMruf29AYlxJzZfPkcdeyO9U/PRdygA/g3/FGXIqNPo:MI/FutKyQli/3rtT5zPdeyO9U/PRdygE
Static task
static1
Behavioral task
behavioral1
Sample
18fd0471029adc5a608cc7c442a97f3a.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
18fd0471029adc5a608cc7c442a97f3a.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
redline
@MarsSellers12
94.228.166.68:80
Targets
-
-
Target
18fd0471029adc5a608cc7c442a97f3a.exe
-
Size
355KB
-
MD5
18fd0471029adc5a608cc7c442a97f3a
-
SHA1
74854bda1aa3e60c3b6f58e8f77882ac7f958486
-
SHA256
1e92e176dd94bb165b9ac9a391ed84ad473ae69a44139d2f9765dd56974cee0d
-
SHA512
9cc462178cf8b63b27de90998c3a8cc722cec0bbde604e66482510c3888a78b1e869b4d3e7195c3361bb7fce43392c204c5b760948afd3bbddd6ee225bb61e00
-
SSDEEP
6144:MM/FgKFH4ZtKyKtHFrO/ODMruf29AYlxJzZfPkcdeyO9U/PRdygA/g3/FGXIqNPo:MI/FutKyQli/3rtT5zPdeyO9U/PRdygE
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-