General
Target: svchost.exe
Size: 2.3MB
Sample: 210727-p3d7cy9e6n
MD5: e2cdbe43745e8ef737fded5c21bfd162
SHA1: 533fc6c2aecaeca8211277ffa74d055fb7eb45fc
SHA256: 71d3b36be058908e96750ba536922bb0748c3b3dabe78dfc9276bed4b01ea0e6
SHA512: 927271572c1db35a050d1a7cf0ad85745d812a5e068f3c25b6d83e60182a46816b7655e0e52aec3dc355830514d7c43b86dfe06c5d5c7cbc3283199f467efd8f
Static task: static1
Behavioral task: behavioral1
Sample: svchost.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: svchost.exe
Resource: win10v20210408
Malware Config
Extracted
redline
@Kypidss
45.14.49.109:21295
Targets
Target: svchost.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Executes dropped EXE
Loads dropped DLL