General
Target: 9290fe75175367dd6330d504164fb597.exe
Size: 32KB
Sample: 210307-e7jpab8v8a
MD5: 9290fe75175367dd6330d504164fb597
SHA1: d0ef05fc64c35901a6de03daf3a972e760e7876e
SHA256: e58ef47a566a73ad01ce7a37c178d1fce2a3282882f814997aab487200cf8005
SHA512: b92e1b267d9701a75d6680282c448170696680573a4e25e676747debc4fbd9af6209c9d7edf646a090442f800484b010f5bb2b96088db930c79590a19dd0a97d
Static task: static1
Behavioral task: behavioral1
Sample: 9290fe75175367dd6330d504164fb597.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 9290fe75175367dd6330d504164fb597.exe
Resource: win10v20201028
Malware Config
Targets
Target: 9290fe75175367dd6330d504164fb597.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext