General
Target: ledarx.ex
Size: 705KB
Sample: 210916-talg4adgb3
MD5: 1f331d518d0e425ab7642ccd638ec795
SHA1: 71be2eec586f3a1dfb6971845a784ceeb049a838
SHA256: 63fd6bf15b0991d449174bc48825a2ccf0056e9cff75b407cbe9755241ef6a35
SHA512: b449ca3c6410e035dfd7d45f5a37cbcdc8e4e97a8318ab36e513d7044115bcf7f23eb9dd8321f04ee04f93ff8cd626b1ec6b3913c0cd1d34eb5d0e0f80422b80
Static task: static1
Behavioral task: behavioral1
  Sample: ledarx.ex.exe
  Resource: win7-en
Behavioral task: behavioral2
  Sample: ledarx.ex.exe
  Resource: win10v20210408
Malware Config
Extracted: redline
RUZ
sandedean.xyz:80
Targets
Target: ledarx.ex
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Suspicious use of SetThreadContext