General
Target: ce0f93d2bb7f18632d6695cf4800f436.exe
Size: 1.4MB
Sample: 210317-1aw72pwaba
MD5: ce0f93d2bb7f18632d6695cf4800f436
SHA1: c36922e5580cf622752115f2c8fa95278ad455a7
SHA256: 9624e9bf93ace2e4b9106fb1b30c1dfb9de68bf63f4fb9559f11078569fbe334
SHA512: df13fbc9df58029868f442b84f5b24cea6cab0fe019898dce524ed99876642db4ae0ad2226d35c7fa75f8a43644cfb36d3a9a4ad6c2bfe67ddd9709af604b99b
Static task: static1
Behavioral task: behavioral1
Sample: ce0f93d2bb7f18632d6695cf4800f436.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: ce0f93d2bb7f18632d6695cf4800f436.exe
Resource: win10v20201028
Malware Config
Targets
Target: ce0f93d2bb7f18632d6695cf4800f436.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext