General
Target: 2145457315.exe
Size: 1.5MB
Sample: 211005-j6aelahdg9
MD5: ee98c1f6708926a136a805fa80652733
SHA1: 8c7ecfc3a4b98edf311ab010d529b5c171491176
SHA256: ae2a26a5e871dbc441b4e9560820a311f8db50ebcacb2b451838d8ff71d42b93
SHA512: f0d05bb6234d9feaffa2b4b82a14cff88181c20962e70ebb9417e65a92e35120201742048941f1d297cbe77e66280d870e8f92885f74b9c94edba75ae2eea7ac
Static task: static1
Behavioral task: behavioral1
Sample: 2145457315.exe
Resource: win7-en-20210920
Behavioral task: behavioral2
Sample: 2145457315.exe
Resource: win10-en-20210920
Malware Config
Extracted
redline
1111
116.202.11.15:24147
Targets
Target: 2145457315.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext