General
Target: c07fc52760ae33dfdea072ebb41a558effed8b99c17abf62b23262453815ddd4
Size: 800KB
Sample: 220221-mbm9rafagl
MD5: 3e45aae13cc364808b3bf8e77051cd21
SHA1: fd5bc59c8d056615c03ffecd3a69684522b010c7
SHA256: c07fc52760ae33dfdea072ebb41a558effed8b99c17abf62b23262453815ddd4
SHA512: 260ea11353807521bd61c61dab4297ae1997a5c4b8f2d0a43dd640fbc2f57c5afe6e92ab0ed86bde02a499e0360e90f3acb4ee2abdf1cbab3eb78822f1737a98
Static task: static1

Behavioral task: behavioral1
  Sample: Swift.pdf.exe
  Resource: win7-en-20211208

Behavioral task: behavioral2
  Sample: Swift.pdf.exe
  Resource: win10v2004-en-20220113
Malware Config
Extracted:
  redline
  1
  45.147.231.74:81
Targets
Target: Swift.pdf.exe
Size: 1.2MB
MD5: 12bd6ccee06c7ec5762c2aecc7c3357d
SHA1: 4821ff4545829ef14a14845880f35b273c2bf4b4
SHA256: 85dd5d9ef955400038cae7ac32f2931c3b6966792bbfd353f14627c2261f2d9c
SHA512: c2e44bae87845b5321fac3de4fc602106914e820378d5926690f690edac7830922bfef91d6658eafb4747174d3e1060a22c9c33fc940b1c51494a8dfc20010cb
Score: 10/10

- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Suspicious use of SetThreadContext