General
-
Target
88f930ac85e040f29d454a01302b5270.exe
-
Size
170KB
-
Sample
210724-sza676fyla
-
MD5
88f930ac85e040f29d454a01302b5270
-
SHA1
237a116a2861efc8662f68828e1a7c2d34cb8047
-
SHA256
7a07416a0737540a9f0049d6c1094c4986e90d46561ed583f597ca4f01a3eaed
-
SHA512
0813ea76d3d78604cb27832a47f1f94f20d4ae1114af35777c9aa5058789ab80e18a5fbe699bc89b689ef00c6c169f98d2c1ea17be27cd83c53e690fde27e209
Static task
static1
Behavioral task
behavioral1
Sample
88f930ac85e040f29d454a01302b5270.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
88f930ac85e040f29d454a01302b5270.exe
Resource
win10v20210408
Malware Config
Extracted
redline
185.248.101.142:54217
Targets
-
Target
88f930ac85e040f29d454a01302b5270.exe
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-