General

Target: Umbrella36.5.exe
Size: 4.6MB
Sample: 211021-p8aq2aacg4
MD5: ec04b75101fb19084dc84b466e96ff3b
SHA1: f8724452d253486c8acd6c4e43d3f8e25c6aaea4
SHA256: 1df5e765a070d02080f3a8be3bcd756b20ea5dbb1f50c337b371145e41f05383
SHA512: c76f717eb597306f310465b390b10ad0c166ca1beae4ca7c5603e42703b587ec63931c524753307ad6279585cf5eb193053eab5b789ec975844b6083cfcb0926

Static task: static1

Behavioral task: behavioral1
Sample: Umbrella36.5.exe
Resource: win10-en-20210920

Malware Config (extracted)

Family: redline
Botnet: 832304211
C2: 94.26.248.120:63731

Targets

Target: Umbrella36.5.exe
Size: 4.6MB
MD5: ec04b75101fb19084dc84b466e96ff3b
SHA1: f8724452d253486c8acd6c4e43d3f8e25c6aaea4
SHA256: 1df5e765a070d02080f3a8be3bcd756b20ea5dbb1f50c337b371145e41f05383
SHA512: c76f717eb597306f310465b390b10ad0c166ca1beae4ca7c5603e42703b587ec63931c524753307ad6279585cf5eb193053eab5b789ec975844b6083cfcb0926
Score: 10/10

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Suspicious use of NtCreateProcessExOtherParentProcess

Suspicious use of SetThreadContext