General
Target: 881E6E6A9037E3A43028ABE53FACDCB2.exe
Size: 1.1MB
Sample: 210323-rhhftr4g6s
MD5: 881e6e6a9037e3a43028abe53facdcb2
SHA1: 515cf51a385057c45129ae2c00b2e80b252c9fb3
SHA256: 4590fdf566b5fdb3c8d9a9b7b3eba1528f7d154701602845d6cd29ee13fdfdb8
SHA512: 1024bd6977f88c58a951ae0162151625df4b0403576a1168de52d353f12e1881abaef7bc1ffe9ab7575075adfaa3631eece07ebdfa3ae0467ae422561b7e0355
Static task: static1
Behavioral task: behavioral1
Sample: 881E6E6A9037E3A43028ABE53FACDCB2.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 881E6E6A9037E3A43028ABE53FACDCB2.exe
Resource: win10v20201028
Malware Config
Targets
Target: 881E6E6A9037E3A43028ABE53FACDCB2.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext