General
Target: a957dc16d684fbd7e12fc87e8ee12fea.bin
Size: 413KB
Sample: 240701-dgbcpsxepm
MD5: 12d09eb2407d93f7150ea7e641cefcc8
SHA1: 4519e7018b608d47420c5471666bd0acc8b01667
SHA256: 16f345a38f82c3e9cb4a1e9792841b7659d0f67c645f16a26f2c6da95c186484
SHA512: c96deee8e9b58f9a14c6aae6a12ae391e391e6ef4a541f79ecca5fd5d521a685143e459c4609a6fa3a032bce7a0006fdca26114fcdf11d8fea9664855126fa67
SSDEEP: 6144:uV2/C49eNSVV4e9s5hUhvqNoB/AA6cpyAFGauY6PDagReofpDZq1usBJP45xa:Qabsw4tKvqNoB/AtcEeuAgoEpDaJP4a
Static task: static1
Behavioral task: behavioral1
Sample: 071b6c448d2546dea8caed872fca0d002f59a6b9849f0de2a565fc74b487fa37.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 071b6c448d2546dea8caed872fca0d002f59a6b9849f0de2a565fc74b487fa37.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
redline
LiveTraffoc
4.185.56.82:42687
Targets
Target: 071b6c448d2546dea8caed872fca0d002f59a6b9849f0de2a565fc74b487fa37.exe
Size: 512KB
MD5: a957dc16d684fbd7e12fc87e8ee12fea
SHA1: 20c73ccfdba13fd9b79c9e02432be39e48e4b37d
SHA256: 071b6c448d2546dea8caed872fca0d002f59a6b9849f0de2a565fc74b487fa37
SHA512: fd6982587fba779d6febb84dfa65ec3e048e17733c2f01b61996bedb170bb4bb1cbb822c0dd2cf44a7e601373abaf499885b13b7957dd2a307bbd8f2120e9b3b
SSDEEP: 12288:4iFfKsLIh/4hBNR3lfo4T4A1i5g70dbRFpJtRSfF:40iP/E/pigb1i5Q0dbLLWf
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext