General
Target
637862922ea040811a79adf327863e15.exe
Size
388KB
Sample
210719-xj4cgndy9j
MD5
637862922ea040811a79adf327863e15
SHA1
cd9f3fa9a64e1f1283121c0d02ec4ecde47a4de5
SHA256
2cbe0812081f1c8676e8fb96d9e4e08e6ac092c38982586030bd7302ed2b9a2d
SHA512
b49a749fa554595b5c85ea778de056378555326cdd2c57a7c1e5d2f3e932730a6375f31247d6c8771838c7c791e097b9b83baf09578feb81b0fb3946796e9e29
Static task
static1
Behavioral task
behavioral1
Sample
637862922ea040811a79adf327863e15.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
637862922ea040811a79adf327863e15.exe
Resource
win10v20210408
Malware Config
Extracted
redline
18_7_r
xtarweanda.xyz:80
Targets
Target
637862922ea040811a79adf327863e15.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext