General
Target: fb.exe
Size: 354KB
Sample: 210313-ld93ncev4x
MD5: e5018ce605d3478c2445d349c2fc7088
SHA1: 4f4f3ede4470da3db747ff183f7aa642834bbb31
SHA256: a19778657179c0a74cf22e6cefbd26dee57e6b65e552a50899f5172b0c9a74f4
SHA512: f27c9be297aabfda6174e94119a43533986a094d89712cbccd2d8d09c9e794bb63c0d9aac7e905a252d352e2c2e8c51515e12e5fc2f3137e777fc42088ef785e
Static task: static1
Behavioral task: behavioral1
Sample: fb.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: fb.exe
Resource: win10v20201028
Malware Config
Targets
Target: fb.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext