General
Target
1cab063cc0c194cc5c81e71aad8a94e0.exe
Size
1.4MB
Sample
210317-3d9781km5x
MD5
1cab063cc0c194cc5c81e71aad8a94e0
SHA1
bb4d5267f05e3e4f42ad7576f8a8e57a47da5653
SHA256
4ccc480c0ae855a876e266122a05dea65506fadedee20f1857525a41ef3932f8
SHA512
93fe579300d1db29f1b3ed75db9529d5bef48af1db8d947a9883e06e9c3a75ecf82f563dd163a333ad81562e95fd6c2d6d6f3f9f5fa05e0344ee85cd251365f3
Static task
static1
Behavioral task
behavioral1
Sample
1cab063cc0c194cc5c81e71aad8a94e0.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
1cab063cc0c194cc5c81e71aad8a94e0.exe
Resource
win10v20201028
Malware Config
Targets
Target
1cab063cc0c194cc5c81e71aad8a94e0.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext