General
- Target: cd5a10ff2ac9f9a0a9163aeda1084e65.exe
- Size: 623KB
- Sample: 210219-98syrcl4zj
- MD5: cd5a10ff2ac9f9a0a9163aeda1084e65
- SHA1: 45ff1cf238a712eee0b55162a14e263be3b93d89
- SHA256: 3710b311afa8bc8906ba693b03c1223e064606bdbed26fa35a07f36d6ed524e4
- SHA512: 85796c6474e608e2c4b68cdf5c4b8c80da5a5b68ff49bd9789f70e407be57dfae8fea33b02ef33689c6f069ca75d265cccd55e25e2d503b4631725b18bda2cb6
Static task: static1
Behavioral task: behavioral1
- Sample: cd5a10ff2ac9f9a0a9163aeda1084e65.exe
- Resource: win7v20201028
Behavioral task: behavioral2
- Sample: cd5a10ff2ac9f9a0a9163aeda1084e65.exe
- Resource: win10v20201028
Malware Config
Targets
- Target: cd5a10ff2ac9f9a0a9163aeda1084e65.exe
Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.