General
Target: 8788930d5bf09c258af90bcf3f19f2c41cb4dabd93ef34d3b787cc564a23a9ee
Size: 389KB
Sample: 220215-kce9escgd7
MD5: 88fa74371f0d7f468c34364de7510d33
SHA1: db3330c36ae2a51c3df136594c5b9cc83ce5987b
SHA256: 8788930d5bf09c258af90bcf3f19f2c41cb4dabd93ef34d3b787cc564a23a9ee
SHA512: 48a7f2652b5e612021aef6d6493ab403581b912a39102e59db565165b083936a9d15b569426e21275b918ca9b88b19722c060b8400e164074dbb2f95b0b96249
Static task: static1
Behavioral task: behavioral1
Sample: 8788930d5bf09c258af90bcf3f19f2c41cb4dabd93ef34d3b787cc564a23a9ee.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 8788930d5bf09c258af90bcf3f19f2c41cb4dabd93ef34d3b787cc564a23a9ee.exe
Resource: win10v2004-en-20220113
Malware Config
Extracted
redline
luna2121
135.181.129.119:4805
auth_value: fa2fe8249babf377616caa8ac0ec8044
Targets
Target: 8788930d5bf09c258af90bcf3f19f2c41cb4dabd93ef34d3b787cc564a23a9ee
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext