General
Target: 59a8083391f2d47e161cf0caa51da1ea77898657941279135a3a66e10dfc1237
Size: 465KB
Sample: 220226-3haj8schbn
MD5: c71425e3cc3c2e52e15f6554d510e6a8
SHA1: 136db115777778a0ecb9d459d3ace8c98542aafb
SHA256: 59a8083391f2d47e161cf0caa51da1ea77898657941279135a3a66e10dfc1237
SHA512: b0838277e82abe6e2df4cbf899d72c7faf92874800a6dd5fae4f9b6effa45543cbcd5cca934c351942ddfb52db3a0fc399199d7497faa079e8ed82ad77c536ba
Static task: static1
Behavioral task: behavioral1
Sample: 59a8083391f2d47e161cf0caa51da1ea77898657941279135a3a66e10dfc1237.exe
Resource: win10v2004-en-20220113
Malware Config
Extracted
redline
yt
65.21.1.119:24371
auth_value: a7960fdd4739462c8f9231095a524ac3
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of NtCreateProcessExOtherParentProcess
Suspicious use of SetThreadContext