General
Target: redline
Size: 569KB
Sample: 210719-9tp3elsfh2
MD5: 4842156a83bbc8f5b1b46b0e2a597ab4
SHA1: bdda0f367bf93fa75e2bf4b632daab8b615c9c69
SHA256: 24dc9485b3fcea21dc81118d045d6bd13ca40f04dcc905662b70f4ed5754f003
SHA512: f0fe9c63fc8fd1333297b76f7f0ed414535ffb4f8ab96906c8207840bf63688d8b6e0de8053e7882eeb616ddf83c8021d5940adc9fcba4e8fd1e342c67343f73
Static task: static1
Behavioral task: behavioral1
Sample: redline.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: redline.exe
Resource: win10v20210410
Malware Config
Extracted
redline
KREATOR
45.140.146.214:20498
Targets
Target
redline
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext