General
-
Target
a17209b819a454f90054a6de229f948177b1e421f1bd2c17d5633d64bc412c5f
-
Size
473KB
-
Sample
211216-qm8xdacbf3
-
MD5
67152b967be7058c9d7bc02353b342eb
-
SHA1
38b63764e9be58180353cbb206f13a6668bcb9d4
-
SHA256
a17209b819a454f90054a6de229f948177b1e421f1bd2c17d5633d64bc412c5f
-
SHA512
87abe65d91fd7724bbd15a1008658ccf54a350370c107b2f69f42f6b105a4d0d54ff1adcf2e34a1988cd71f51a1710328d4a16cbfbf6b0fc567e51aeee1322ab
Static task
static1
Behavioral task
behavioral1
Sample
a17209b819a454f90054a6de229f948177b1e421f1bd2c17d5633d64bc412c5f.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
Siski
109.248.201.17:34060
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Suspicious use of SetThreadContext
-