General
Target: 09f7fb929981dfd502b5e60cffcf4dc0.exe
Size: 1.5MB
Sample: 210322-c8gyd6lvc2
MD5: 09f7fb929981dfd502b5e60cffcf4dc0
SHA1: 331990849234ded4bf2f37b8b438a5b5b937106a
SHA256: f8fbe166151947ae09b6b0244fc0867d41df8f46e1652e4edd89a4eb420adfa2
SHA512: dae2675c6c3a3fe3bc74e41f926af8ad021dd75b31fc7df39d3808db7b82e363063717b4e36b91e181ae23e15687f2aba99195ba98681fcb2fd58257b092e0dc
Static task: static1
Behavioral task: behavioral1
  Sample: 09f7fb929981dfd502b5e60cffcf4dc0.exe
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: 09f7fb929981dfd502b5e60cffcf4dc0.exe
  Resource: win10v20201028
Malware Config
Targets
Target: 09f7fb929981dfd502b5e60cffcf4dc0.exe
Size: 1.5MB
MD5: 09f7fb929981dfd502b5e60cffcf4dc0
SHA1: 331990849234ded4bf2f37b8b438a5b5b937106a
SHA256: f8fbe166151947ae09b6b0244fc0867d41df8f46e1652e4edd89a4eb420adfa2
SHA512: dae2675c6c3a3fe3bc74e41f926af8ad021dd75b31fc7df39d3808db7b82e363063717b4e36b91e181ae23e15687f2aba99195ba98681fcb2fd58257b092e0dc
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext