General
- Target: 965212c139d8c474ed69ff3c33b88be4.exe
- Size: 521KB
- Sample: 210319-fglt61nbex
- MD5: 965212c139d8c474ed69ff3c33b88be4
- SHA1: cce8ddf99da03113f80cd0e3e1368186468d904d
- SHA256: fc1c966dd0ac73c1e2aae4287b1480ba9d27d01accc069a9a69d2a4fc9f1a6a9
- SHA512: f9f37bbbacffcd4eed9ac7d4a66c9d5d0f0b0c85ec93e03712e1d238ace52f718beec08a5fc921b6a2d6d4084d1a4280258c188c514a6e0548ebde81afe9fd12
Static task
- static1

Behavioral task
- behavioral1
  Sample: 965212c139d8c474ed69ff3c33b88be4.exe
  Resource: win7v20201028

Behavioral task
- behavioral2
  Sample: 965212c139d8c474ed69ff3c33b88be4.exe
  Resource: win10v20201028
Malware Config

Targets
- Target: 965212c139d8c474ed69ff3c33b88be4.exe
- Score: 10/10
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext