General

Target: 48f6d5bdf1a21e63f13ce2784b945c21.exe
Size: 529KB
Sample: 210219-bq9mg6gjde
MD5: 48f6d5bdf1a21e63f13ce2784b945c21
SHA1: 4bee0b5343aae9eb3a869a717e7d33e841290eaa
SHA256: fc75e0db35a8db7c56bc4c3e45532fc32293270ea477f891c7b0556f93a74b80
SHA512: 72c51112ae6dbe6e2e1bfce59d7f318ce7de6fe3e57d6913d9ea04800f00e20b4bbb6c53112eaa3d67175aa0a3b84b9ee724ff3c2b2c9f9e9183eb971d35e2a6
Static task: static1
Behavioral task: behavioral1 (sample 48f6d5bdf1a21e63f13ce2784b945c21.exe, resource win7v20201028)
Behavioral task: behavioral2 (sample 48f6d5bdf1a21e63f13ce2784b945c21.exe, resource win10v20201028)
Malware Config

Targets

Target: 48f6d5bdf1a21e63f13ce2784b945c21.exe
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.