General
-
Target
SWIFT.docx.exe
-
Size
1008KB
-
Sample
210119-vvjphctlre
-
MD5
d2c3d087707686a60ee673ca17a13537
-
SHA1
ae92354606e30d7b2a626a4bf5d5543b17cb9bbb
-
SHA256
4990b0164b660d9e8966fb35fc3d5f4f30b42c7e3861a14fc9255075b129c86e
-
SHA512
e406d167ae99d9b106930f9913f7ae5b07405fe9fb734aebe3df0a0a1a35b14a2b8e3e3ae73ecd27fd5e91a3e7ea61ebcb1ec146ba61ede6c0f95ed70d658177
Static task
static1
Behavioral task
behavioral1
Sample
SWIFT.docx.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SWIFT.docx.exe
Resource
win10v20201028
Malware Config
Targets
-
Target
SWIFT.docx.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Suspicious use of SetThreadContext
-