General
-
Target
https://disk.yandex.ru/d/ERPE36V3wkTV0g
-
Sample
211021-pzlryabbep
Score
10/10
Static task
static1
URLScan task
urlscan1
Sample
https://disk.yandex.ru/d/ERPE36V3wkTV0g
Behavioral task
behavioral1
Sample
https://disk.yandex.ru/d/ERPE36V3wkTV0g
Resource
win10-en-20210920
windows10_x64
0 signatures
0 seconds
Malware Config
Extracted
Family
redline
Botnet
832304211
C2
94.26.248.120:63731
Targets
-
-
Target
https://disk.yandex.ru/d/ERPE36V3wkTV0g
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-