General
  Target: 9BF4C9B6C5E930CE91B84920A73D9111793E6D3147745.exe
  Size: 1.1MB
  Sample: 220120-z7wxzsbgd9
  MD5: 3db8aaeede991e343f4a58c029d5bcb6
  SHA1: dce0cf75d9080b4c31425adbc899d21f0ebb5c0f
  SHA256: 9bf4c9b6c5e930ce91b84920a73d9111793e6d31477458043e94b649147ebf71
  SHA512: ae2e99816106a935498f977bf31dd995d315dcdb0237904bce86ccc525732d4b5353376818af87337396370e0cc23ebd321b4ecf1cb30c04969ea0a20ff8df31
Static task
  static1

Behavioral task
  behavioral1
  Sample: 9BF4C9B6C5E930CE91B84920A73D9111793E6D3147745.exe
  Resource: win7-en-20211208

Behavioral task
  behavioral2
  Sample: 9BF4C9B6C5E930CE91B84920A73D9111793E6D3147745.exe
  Resource: win10v2004-en-20220113
Malware Config
  Extracted: redline (1)
  vigasiergu.xyz:80
Targets
  Target: 9BF4C9B6C5E930CE91B84920A73D9111793E6D3147745.exe
  Size: 1.1MB
  MD5: 3db8aaeede991e343f4a58c029d5bcb6
  SHA1: dce0cf75d9080b4c31425adbc899d21f0ebb5c0f
  SHA256: 9bf4c9b6c5e930ce91b84920a73d9111793e6d31477458043e94b649147ebf71
  SHA512: ae2e99816106a935498f977bf31dd995d315dcdb0237904bce86ccc525732d4b5353376818af87337396370e0cc23ebd321b4ecf1cb30c04969ea0a20ff8df31
  Score: 10/10
RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
  - RedLine Payload
  - Executes dropped EXE
  - Sets service image path in registry
  - Deletes itself
  - Loads dropped DLL
  - Suspicious use of SetThreadContext