General
-
Target
7bc09b96533398f970efe4c87eb72939.exe
-
Size
19KB
-
Sample
201213-t2xnleyv36
-
MD5
7bc09b96533398f970efe4c87eb72939
-
SHA1
b534275282155c86ee1aad2ff632de46783f8e30
-
SHA256
ab84aed43b30ced6e514cd2a1191307294bd4f3211813c5de99aa0ebbfedd215
-
SHA512
387189adb5652b4733efc95a3f7f967bd7d02746a54d539b1b7bb026c53892afb38c13b8fe3abcb3a6af682ec0484ac387bb2ff79ce15a111883bef4894034a0
Static task
static1
Behavioral task
behavioral1
Sample
7bc09b96533398f970efe4c87eb72939.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
7bc09b96533398f970efe4c87eb72939.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
7bc09b96533398f970efe4c87eb72939.exe
-
Size
19KB
-
MD5
7bc09b96533398f970efe4c87eb72939
-
SHA1
b534275282155c86ee1aad2ff632de46783f8e30
-
SHA256
ab84aed43b30ced6e514cd2a1191307294bd4f3211813c5de99aa0ebbfedd215
-
SHA512
387189adb5652b4733efc95a3f7f967bd7d02746a54d539b1b7bb026c53892afb38c13b8fe3abcb3a6af682ec0484ac387bb2ff79ce15a111883bef4894034a0
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-