General
- Target: OLKbrowser.exe
- Size: 383KB
- Sample: 210720-mg9n7hsv5x
- MD5: 8ddd5b9dbcd4e37135868db27b675c2d
- SHA1: 9122af279871de3f92ac3728e2343950f3e8b995
- SHA256: 2f480cbf73a6166257f6d35d7fb2d9f776e257540144a5c8e780385b4773a03f
- SHA512: e712688ffe6d30aa1b21cba4fa88a6d1c4f72ba3b7d672ee2e790a6a42bc40df02761ced6a5cebcd5bc5ac6c5a2cdad7b04f427e3f02fb225132214b3e68664f
Static task
- static1
Behavioral task
- behavioral1: Sample OLKbrowser.exe, Resource win7v20210408
- behavioral2: Sample OLKbrowser.exe, Resource win10v20210408
Malware Config
- Extracted: redline
- AniNEW
- akedauiver.xyz:80
Targets
- Target: OLKbrowser.exe (383KB)
- Score: 10/10
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Suspicious use of SetThreadContext