General
Target: LOG_CHECKING_crypted.exe
Size: 772KB
Sample: 220125-2bzecaggd3
MD5: ee1dead769bf3f05ecb6ce9e5d5aba25
SHA1: b56ffd57e9ab2f0cbfe841352a5f30d2cc73cc7d
SHA256: 87d621ce8ab828d96c3c48c9c70ea58d9aae982b7739ac409eeb3d0f2ade49da
SHA512: 6df89c728b5ed79bbe6e30516ac3abcda1980a04e01cdcc43d958f1953c3f787d03cc7a1261b8c104d86c90cf2ca751aa05a9f2abded99abdd992cec65b8e6c1
Static task: static1

Behavioral task: behavioral1
Sample: LOG_CHECKING_crypted.exe
Resource: win7-en-20211208

Behavioral task: behavioral2
Sample: LOG_CHECKING_crypted.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
91.243.32.83:14266
Targets
Target: LOG_CHECKING_crypted.exe
Size: 772KB
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of SetThreadContext