General
Target
VPN_Free.exe
Size
2.0MB
Sample
210524-fa4yewv4ex
MD5
831d4e7f62efecd2fc159074383b965b
SHA1
4856dbaebf644b83f620fff1666f8553ad47d9b5
SHA256
be394c34bc2d5f532f3ddac7e2d692c60401d71858d4ae2f077af559f33ef772
SHA512
6e60c373cb7ace5666507dd58bf39c4c92346c070f6c4a2d62cd5966dd84bddee89034ba3ee4cce52df74fc0b0aede68d49fea29ee24f9698833905c853c88e8
Behavioral task
behavioral1
Sample
VPN_Free.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
VPN_Free.exe
Resource
win10v20210410
Malware Config
Extracted
redline
VPNFree
80.92.205.112:81
Targets
Target
VPN_Free.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext