General
Target
2bd0394601a1a4006bc56efa2f405d25.exe
Size
876KB
Sample
210503-18ehl4kgxs
MD5
2bd0394601a1a4006bc56efa2f405d25
SHA1
373bff8a86a336976bea0cd8ab86ff897984c872
SHA256
9eeaa4a0bcfc641d7f395c5a7d5ac15a8d50b18f8ef1ac3545c55c5679367228
SHA512
705419f6e38a45a7858df73764744e891318f1b4d2ff2aff1e134af009f21c433deb6e9a55040f419f750fe4f27d3259a224ad8c994aeb4d6a209b1d7e1c9951
Static task
static1
Behavioral task
behavioral1
Sample
2bd0394601a1a4006bc56efa2f405d25.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
2bd0394601a1a4006bc56efa2f405d25.exe
Resource
win10v20210408
Malware Config
Extracted
redline
ftp
videdoshin.xyz:80
Targets
Target
2bd0394601a1a4006bc56efa2f405d25.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext