General
- Target: TELEGR~1.EXE
- Size: 556KB
- Sample: 210713-gx3w6hl8hn
- MD5: 54db9520f3db0b612c492cd14b689b98
- SHA1: cacba09c6883605d3918626c4a92cc4cb846bcda
- SHA256: 8b013095eac15ef06fd67f6c2f101dfe14c04a33a10d63e278ee5d506c862910
- SHA512: 3cf6bd666d66ac95ed4b601ac0990839edac41f12786b8201778930daf42a72d53768c0eabaf84357e5741e10b9e4bbd0a219773e31791df863e7d8a3a7d584e
Tasks
- Static task: static1
- Behavioral task: behavioral1 (sample TELEGR~1.EXE, resource win7v20210410)
- Behavioral task: behavioral2 (sample TELEGR~1.EXE, resource win10v20210410)
Malware Config
Extracted
- Family: redline
- Botnet (build ID): Build1
- C2: 45.142.213.135:30058 (plain IP:port; RedLine beacons to this address directly, so it is the primary network indicator for this sample)
Targets
- Target: TELEGR~1.EXE (556KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
Score: 10/10

Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload: a RedLine payload was identified in the sample; the configuration above was extracted from it.
- Suspicious use of SetThreadContext: SetThreadContext is used to redirect a (usually suspended) thread's entry point, the technique process-hollowing / RunPE-style loaders use to run an injected image inside a legitimate process; in a behavioral trace it indicates the payload is being injected rather than run directly.
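The following is an added example, not part of the sandbox report: it turns the extracted config and hashes above into things a responder can run. The C2 and hash values are copied from the report; the Suricata rule text, the firewall-style log format and the log lines are constructed for the demonstration, and the rule SID is an arbitrary local-range value.

```python
"""Checks derived from the sandbox report's extracted RedLine config and hashes.

Added example, not part of the report. Hash and C2 values are copied from
the report; the log format and log lines below are constructed.
"""
import hashlib
import ipaddress
import re
from pathlib import Path

# Values copied from the report.
REPORT_HASHES = {
    "md5": "54db9520f3db0b612c492cd14b689b98",
    "sha1": "cacba09c6883605d3918626c4a92cc4cb846bcda",
    "sha256": "8b013095eac15ef06fd67f6c2f101dfe14c04a33a10d63e278ee5d506c862910",
    "sha512": "3cf6bd666d66ac95ed4b601ac0990839edac41f12786b8201778930daf42a72d"
              "53768c0eabaf84357e5741e10b9e4bbd0a219773e31791df863e7d8a3a7d584e",
}
REDLINE_CONFIG = {"family": "redline", "botnet": "Build1", "c2": "45.142.213.135:30058"}


def parse_c2(c2: str) -> tuple[str, int]:
    """Split 'ip:port' from the extracted config and validate both parts."""
    host, sep, port = c2.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 {c2!r}")
    ipaddress.ip_address(host)          # ValueError if not an IP literal
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"bad port {port!r}")
    return host, port_num


def suricata_rule(cfg: dict, sid: int = 1000001) -> str:
    """Suricata rule alerting on outbound TCP to the extracted C2 ip:port.

    The SID is an assumed local-range value; pick one that is free in your ruleset.
    """
    host, port = parse_c2(cfg["c2"])
    msg = f"MALWARE {cfg['family']} C2 {cfg['botnet']} {host}:{port}"
    return (f"alert tcp $HOME_NET any -> {host} {port} "
            f'(msg:"{msg}"; flow:to_server; classtype:trojan-activity; '
            f"sid:{sid}; rev:1;)")


# Constructed firewall-style log lines (not from the report) used for the demo.
LOG_RE = re.compile(r"src=(?P<src>[\d.]+):\d+ dst=(?P<dst>[\d.]+):(?P<dport>\d+)")
SAMPLE_LOGS = [
    "2021-07-13T10:01:02Z ALLOW proto=tcp src=10.0.0.21:49812 dst=45.142.213.135:30058",
    "2021-07-13T10:01:05Z ALLOW proto=tcp src=10.0.0.21:49813 dst=142.250.74.78:443",
    "2021-07-13T10:02:40Z ALLOW proto=tcp src=10.0.0.37:51002 dst=45.142.213.135:443",
    "2021-07-13T10:03:11Z DENY  proto=tcp src=10.0.0.42:50120 dst=45.142.213.135:30058",
]


def find_c2_hits(cfg: dict, lines) -> list[tuple[str, str]]:
    """Return (internal source IP, line) for every connection to the C2 ip:port.

    Matches on ip AND port, so the line to 45.142.213.135:443 is not counted
    (widen to host-only matching if you want every contact with the C2 host).
    Denied connections still count: the beacon attempt itself is the signal.
    """
    host, port = parse_c2(cfg["c2"])
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if m and m["dst"] == host and int(m["dport"]) == port:
            hits.append((m["src"], line))
    return hits


def hash_bytes(data: bytes) -> dict:
    """MD5/SHA1/SHA256/SHA512 of data, keyed like REPORT_HASHES."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def hash_file(path: str) -> dict:
    return hash_bytes(Path(path).read_bytes())


def compare_hashes(computed: dict, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm match flags; all four must be True for the file to be this sample."""
    return {algo: computed.get(algo) == digest for algo, digest in expected.items()}


if __name__ == "__main__":
    import sys
    print(suricata_rule(REDLINE_CONFIG))
    for src, line in find_c2_hits(REDLINE_CONFIG, SAMPLE_LOGS):
        print(f"C2 contact from {src}: {line}")
    if len(sys.argv) > 1:
        print(compare_hashes(hash_file(sys.argv[1])))
```

Run it with a path to a suspected copy of the sample to confirm all four hashes match before treating it as this report's file; without a path it prints the generated rule and the hosts that contacted the C2 in the constructed logs.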