General
Target: hz.bin
Size: 21KB
Sample: 210308-ra66hcsjps
MD5: 7bf75a10315af01db3808781cdb63d03
SHA1: edd5c4cae0aaf66b6d390d1e8ed693cfbfe1235d
SHA256: d95e98b8716b31e4a66faf9ac2e07e5eafacd6d488c7e5b10cf5ce4a7a138c8d
SHA512: 7ef3f079ee13e915dcd5d920bd491ecfa1972cf553565c86d37c6c2ce534db45db21211277989b7e3e5a9fa0b43615a3ca9bd68a076f2b7524aeb6bfb48c4314
Static task: static1
Behavioral task: behavioral1
Sample: hz.bin.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: hz.bin.exe
Resource: win10v20201028
Malware Config
Targets
Target: hz.bin
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext