General
- Target: a28665934ac932f780cd3c0d84cf0f94de8cf9abfb6864c0a842764be504858e
- Size: 76KB
- Sample: 211030-kdmd5aeff9
- MD5: 0bd9ddde07455acc3e62f1dbbbdeea64
- SHA1: 5ce810c7bbbff3360d3e4b6c63a7ddc83b91aeb1
- SHA256: a28665934ac932f780cd3c0d84cf0f94de8cf9abfb6864c0a842764be504858e
- SHA512: c8328b2b712aeb1630161d01cf1d4d84b23b895d350839e8a091f71b254f6775d70101e9ff7c4f6a10b12c856b6a59d9138fd7249d1322d6c9ced92cf55adf2d
Static task: static1
Malware Config (extracted)
- redline
- D2 BUILD2
- 212.193.30.193:33833
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Turns off Windows Defender SpyNet reporting
- Nirsoft
- Executes dropped EXE
- Suspicious use of SetThreadContext