General
Target: 969f8f4115d6d1665140ca43d56b12ce.exe
Size: 622KB
Sample: 210219-fw441vxhqa
MD5: 969f8f4115d6d1665140ca43d56b12ce
SHA1: a02f0a9f9d27453ee4b759bae9d805504cc57771
SHA256: d353814302791cd7f3478cf31f979efd244a6dd3ec9b0d1eb77227f584158a54
SHA512: be04f9aa72db23ff70e5575b35ec9aa399b80757aa03ad8c8dc845cf9a6c7cc4df7e86acf44855f870a3d348e0d89a688d63f69bb85bbef03153d0369c424466
Static task: static1
Behavioral task: behavioral1
Sample: 969f8f4115d6d1665140ca43d56b12ce.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 969f8f4115d6d1665140ca43d56b12ce.exe
Resource: win10v20201028
Malware Config
Targets
Target: 969f8f4115d6d1665140ca43d56b12ce.exe
Score: 10/10
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.