General
Target: 5996f5969a6b028ae59c6b3d01a8ced5.exe
Size: 898KB
Sample: 210530-7z11qk636n
MD5: 5996f5969a6b028ae59c6b3d01a8ced5
SHA1: 3267286cfa56c7117c09680d1e2a004e7c962fb9
SHA256: 55c250bdb998a1c96ae43bfa8a14ed041635109dceda6df6bfc0659f3467b5be
SHA512: 0ea3651eb9fddb113e568672f377beb2bb473e05c92cc42e6a0b9246cae69691b509b7779ac5880af8581820d2aafe9c4469dfa47557402d8c9e16ff1849a013
Static task: static1
Behavioral task: behavioral1
Sample: 5996f5969a6b028ae59c6b3d01a8ced5.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 5996f5969a6b028ae59c6b3d01a8ced5.exe
Resource: win10v20210408
Malware Config
Extracted
redline
bild
185.215.113.116:41120
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext