General
Target: Redline Stealer 2021 Cracked.rar
Size: 15.4MB
Sample: 211020-bdgdfagdh9
MD5: fcdf4d84d1ddfdd243cb9f7ca06486d1
SHA1: 4158c9e5338bc59d875bc59d0690ec60bcc39787
SHA256: c2e07c268efe3d9967a8af7933a22188b928bae9a86bb0177a401ed0a7979657
SHA512: f82e4024d36101c6178547ee57be95e0bb16dfbfa6d0b29299b01801ee5b2ab873a7de53fcc4a5914661193881d999babc5909d767b4ff9514076a39ac82a84d
Static task
static1

Behavioral tasks
All six behavioral tasks run the same file extracted from the archive, Redline Stealer 2021 Cracked/Redline_20_2_crack.exe, on a different guest image each:

Task         Sample                                                Resource
behavioral1  Redline Stealer 2021 Cracked/Redline_20_2_crack.exe   win7-ja-20211014
behavioral2  Redline Stealer 2021 Cracked/Redline_20_2_crack.exe   win7-de-20210920
behavioral3  Redline Stealer 2021 Cracked/Redline_20_2_crack.exe   win11
behavioral4  Redline Stealer 2021 Cracked/Redline_20_2_crack.exe   win10-ja-20211014
behavioral5  Redline Stealer 2021 Cracked/Redline_20_2_crack.exe   win10-en-20210920
behavioral6  Redline Stealer 2021 Cracked/Redline_20_2_crack.exe   win10-de-20211014
Malware Config
Extracted family: redline
Botnet: cheat
C2: 127.0.0.1:1337

Note that the configured C2 is the loopback address, so this build cannot report to anything off the host it runs on; the "cracked builder" archive is itself the delivery vehicle for a RedLine payload, which is what the behavioral signatures below score.
Targets
Target: Redline Stealer 2021 Cracked/Redline_20_2_crack.exe
Size: 15.1MB
MD5: 083776e54ad37b3a45d7e6516b1e13fb
SHA1: e784e8f041dfb7612e8439518ed587f1f878b9eb
SHA256: 4334163e03a3cae86600be22c3deb8e786142db27883cc99f0536f713621df9d
SHA512: 0985538bf8c2add2e85ac09e64826e0993fae2b1b4e7643a42f010201e4e8f2065f673a795aa4eabf7bee26709f35fbc84553042f40ce3a2fde96a271c43590c
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
- RedLine Payload
- Registers COM server for autorun
- Suspicious use of NtCreateProcessExOtherParentProcess
- Executes dropped EXE
- Sets service image path in registry
- Drops startup file
- Loads dropped DLL
- Drops file in System32 directory
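The signature names above are the sandbox's labels, not rules; the report does not show the registry keys, paths or process events that triggered them. The following is an added example, not the sandbox's code or the author's, of how six of those behaviours can be re-derived from an event trace. The event format (pipe-separated kind|pid|path|value), the sample trace, and the registry/file paths taken to define each behaviour (Services\<name>\ImagePath for the service image path, CLSID\{guid}\InprocServer32 or LocalServer32 for COM server registration, the Start Menu Startup folder, and the System32 directory) are assumptions made for this example. "Executes dropped EXE" and "Loads dropped DLL" are stateful: the trace has to be replayed in order so a process start or image load can be matched against a file the same trace wrote earlier. "RedLine Payload" and the NtCreateProcessEx signature need family-specific scanning and API-level tracing and are not modelled here.

```python
"""Replay a sandbox-style event trace and map it to the behaviour names in the report.

Added example. The event schema, the sample trace and the path patterns
below are constructed for illustration; they are not the sandbox's own rules.
"""
from __future__ import annotations

import re
from typing import Iterable

# Assumed definitions of the signature names (not taken from the report page).
SERVICE_IMAGE_PATH = re.compile(
    r"\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})\\Services\\[^\\]+\\ImagePath$", re.I)
COM_SERVER_KEY = re.compile(
    r"\\CLSID\\\{[0-9a-f-]{36}\}\\(?:InprocServer32|LocalServer32)(?:\\|$)", re.I)
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
SYSTEM32_DIR = re.compile(r"^[a-z]:\\Windows\\System32\\", re.I)

# Constructed trace, one event per line: kind|pid|path|value (value may be empty).
SAMPLE_EVENTS = [
    "procstart|1204|C:\\Users\\user\\Desktop\\Redline_20_2_crack.exe|",
    "filewrite|1204|C:\\Windows\\System32\\drop.exe|",
    "filewrite|1204|C:\\Users\\user\\AppData\\Roaming\\helper.dll|",
    "regset|1204|HKLM\\SYSTEM\\CurrentControlSet\\Services\\drop\\ImagePath|C:\\Windows\\System32\\drop.exe",
    "regset|1204|HKCU\\Software\\Classes\\CLSID\\{0f1e2d3c-4b5a-6978-8796-a5b4c3d2e1f0}"
    "\\InprocServer32\\(Default)|C:\\Users\\user\\AppData\\Roaming\\helper.dll",
    "filewrite|1204|C:\\Users\\user\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu"
    "\\Programs\\Startup\\run.lnk|",
    "regset|1204|HKCU\\Software\\Example\\Setting|1",  # benign-looking write, matches no rule
    "procstart|1480|C:\\Windows\\System32\\drop.exe|",
    "imageload|1480|C:\\Users\\user\\AppData\\Roaming\\helper.dll|",
]


def detect(events: Iterable[str]) -> set[str]:
    """Return the set of behaviour names triggered by an ordered event trace."""
    dropped: set[str] = set()  # lower-cased paths this trace has written so far
    hits: set[str] = set()
    for line in events:
        kind, _pid, path, _value = line.split("|", 3)
        key = path.lower()
        if kind == "filewrite":
            dropped.add(key)
            if STARTUP_DIR.search(path):
                hits.add("Drops startup file")
            if SYSTEM32_DIR.search(path):
                hits.add("Drops file in System32 directory")
        elif kind == "regset":
            if SERVICE_IMAGE_PATH.search(path):
                hits.add("Sets service image path in registry")
            if COM_SERVER_KEY.search(path):
                hits.add("Registers COM server for autorun")
        elif kind == "procstart":
            # Only counts if the image was written earlier in this same trace.
            if key.endswith(".exe") and key in dropped:
                hits.add("Executes dropped EXE")
        elif kind == "imageload":
            if key.endswith(".dll") and key in dropped:
                hits.add("Loads dropped DLL")
    return hits


if __name__ == "__main__":
    for name in sorted(detect(SAMPLE_EVENTS)):
        print(name)
```

Running the block against the constructed trace yields the six modelled behaviours; a process start of a System32 binary that the trace never wrote is not reported as "Executes dropped EXE", which is the distinction between a dropper executing its payload and ordinary use of a system binary.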