General

Target: be1af4ebc3fa60141274956ad3593f65.exe
Size: 530KB
Sample: 210219-rnmp2pnycn
MD5: be1af4ebc3fa60141274956ad3593f65
SHA1: 1305d884c0b647efb21ea6eaf87158efe8bb958f
SHA256: e07e702d1247fd8b230d21bba94b581f65f27e811c59a28896fcea29ddb3d2de
SHA512: 796a9618260ddfc6a82c2a86f954e7eb01d4eb86d98f59a9ea0d3b2eabed67d5ca51f9aa755ed50647ad2ba6d2e1f2d62d9688a44998be9d2e27d34b3e392396
Static task: static1

Behavioral task: behavioral1
Sample: be1af4ebc3fa60141274956ad3593f65.exe
Resource: win7v20201028

Behavioral task: behavioral2
Sample: be1af4ebc3fa60141274956ad3593f65.exe
Resource: win10v20201028
Malware Config

Targets

Target: be1af4ebc3fa60141274956ad3593f65.exe
Size: 530KB
MD5: be1af4ebc3fa60141274956ad3593f65
SHA1: 1305d884c0b647efb21ea6eaf87158efe8bb958f
SHA256: e07e702d1247fd8b230d21bba94b581f65f27e811c59a28896fcea29ddb3d2de
SHA512: 796a9618260ddfc6a82c2a86f954e7eb01d4eb86d98f59a9ea0d3b2eabed67d5ca51f9aa755ed50647ad2ba6d2e1f2d62d9688a44998be9d2e27d34b3e392396
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
RedLine Payload
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.