General

Target: bff2a3fa0b7e711b342901d3e67e8cee7d08dda4fc7b8809ab5e6c5858b76613
Size: 396KB
Sample: 211124-c2rdzsfaa9
MD5: 093cdb435c4003e1a7d4269e332730a1
SHA1: c8cff0231c22d5285a73f03b7624b4c60d79b820
SHA256: bff2a3fa0b7e711b342901d3e67e8cee7d08dda4fc7b8809ab5e6c5858b76613
SHA512: 9df903c6e990c2f253f82aa9f618f9cfbdead034d34a4cbfdf1fb08f36ceaeb65041faa1fbf17fee972d15a577269aec400cc9ce948041cb7bc77cc04d39ffb8
Static task: static1
Behavioral task: behavioral1
Sample: bff2a3fa0b7e711b342901d3e67e8cee7d08dda4fc7b8809ab5e6c5858b76613.exe
Resource (sandbox image): win10-en-20211104
Malware Config

Extracted family: redline
C2 endpoint: 135.181.245.89:24368
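The hashes and the extracted C2 endpoint above are the actionable indicators from this report. The following Python script is an added example for turning them into a check, not part of the Triage report or of RedLine itself: it validates that the copied hash strings are well-formed before they go into a blocklist, identifies the sample by its SHA256, and scans log lines for connections to the C2. The log format (space-separated key=value fields after a timestamp) and the log lines themselves are constructed for the example; real telemetry will differ. A host-only hit on 135.181.245.89 is flagged separately, because RedLine builds commonly vary the port while reusing the host.

```python
"""IOC checks for the RedLine sample in the report above (added example)."""
import hashlib
import ipaddress
import re
from typing import Dict, List, Optional, Tuple

# Indicators copied verbatim from the Triage report.
SAMPLE_HASHES: Dict[str, str] = {
    "md5": "093cdb435c4003e1a7d4269e332730a1",
    "sha1": "c8cff0231c22d5285a73f03b7624b4c60d79b820",
    "sha256": "bff2a3fa0b7e711b342901d3e67e8cee7d08dda4fc7b8809ab5e6c5858b76613",
    "sha512": "9df903c6e990c2f253f82aa9f618f9cfbdead034d34a4cbfdf1fb08f36ceaeb6"
              "5041faa1fbf17fee972d15a577269aec400cc9ce948041cb7bc77cc04d39ffb8",
}
C2_HOST = "135.181.245.89"
C2_PORT = 24368

# Expected hex-digest lengths; a mismatch usually means a truncated paste.
HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_hashes(hashes: Dict[str, str] = SAMPLE_HASHES) -> List[str]:
    """Return the names of hash entries that are not lowercase hex of the right length."""
    bad = []
    for name, value in hashes.items():
        if len(value) != HEX_LENGTHS[name] or not re.fullmatch(r"[0-9a-f]+", value):
            bad.append(name)
    return bad


def hashes_of(data: bytes) -> Dict[str, str]:
    """Compute the same four digests the report lists, for comparison."""
    return {name: hashlib.new(name, data).hexdigest() for name in HEX_LENGTHS}


def is_known_sample(data: bytes) -> bool:
    """True if the bytes hash to the report's SHA256 (the authoritative identifier)."""
    return hashes_of(data)["sha256"] == SAMPLE_HASHES["sha256"]


# Constructed log lines in a hypothetical "timestamp key=value ..." firewall format.
SAMPLE_LOGS = [
    "2021-11-24T10:02:11Z src=10.0.0.15 dst=135.181.245.89 dport=24368 proto=tcp action=allow",
    "2021-11-24T10:02:13Z src=10.0.0.15 dst=142.250.74.78 dport=443 proto=tcp action=allow",
    "2021-11-24T10:03:01Z src=10.0.0.22 dst=135.181.245.89 dport=443 proto=tcp action=allow",
    "2021-11-24T10:03:05Z src=10.0.0.22 dst=updates.example.invalid dport=80 proto=tcp action=allow",
]

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_kv_line(line: str) -> Dict[str, str]:
    """Split one log line into a field dict; the leading token is kept as 'ts'."""
    fields = dict(KV_RE.findall(line))
    fields["ts"] = line.split(" ", 1)[0]
    return fields


def classify(record: Dict[str, str]) -> Optional[str]:
    """'c2' on an exact host:port match, 'c2-host' when only the host matches
    (still worth review: the port differs between RedLine builds), else None."""
    try:
        dst = ipaddress.ip_address(record.get("dst", ""))
    except ValueError:  # hostname or garbage in dst: nothing to compare against
        return None
    if dst != ipaddress.ip_address(C2_HOST):
        return None
    return "c2" if record.get("dport") == str(C2_PORT) else "c2-host"


def find_c2_hits(lines: List[str]) -> List[Tuple[str, Dict[str, str]]]:
    """Return (verdict, parsed record) for every line that touches the C2 host."""
    hits = []
    for line in lines:
        rec = parse_kv_line(line)
        verdict = classify(rec)
        if verdict:
            hits.append((verdict, rec))
    return hits


if __name__ == "__main__":
    print("malformed hash entries:", validate_hashes() or "none")
    for verdict, rec in find_c2_hits(SAMPLE_LOGS):
        print(f"{rec['ts']} {rec['src']} -> {rec['dst']}:{rec['dport']} [{verdict}]")
```

Run it as a script to see the two hits from the constructed logs, or import it and point `find_c2_hits` at real log lines once `parse_kv_line` is adapted to their format. Blocking is done on the endpoint, not on the hosting provider's address space, since the report's own signature notes the C2 sits on a legitimate hosting service.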
Targets

Target: bff2a3fa0b7e711b342901d3e67e8cee7d08dda4fc7b8809ab5e6c5858b76613 (396KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C# (.NET), first appearing in early 2020.

Signatures
- RedLine Payload
- Legitimate hosting services abused for malware hosting/C2: the extracted C2 endpoint 135.181.245.89:24368 is hosted on a commercial provider's address space, so block the endpoint rather than the provider.
- Suspicious use of SetThreadContext: this API redirects a suspended thread's execution, the step that process hollowing and similar injection techniques use to start injected code. Debuggers call it legitimately, so treat the hit as corroborating evidence alongside the payload detection rather than as a standalone indicator.