General
Target: c25e427b4cc4f925eb98334fd1795f2e3dc09eaf4df8cf1342dbca9ae33e18f9
Size: 487KB
Sample: 220303-jy6stshgd6
MD5: 72b06da5e2d23ee12b89d891e80bda5f
SHA1: 1e31ab5828fa44e161060d64a37dedcac6909b2b
SHA256: c25e427b4cc4f925eb98334fd1795f2e3dc09eaf4df8cf1342dbca9ae33e18f9
SHA512: 1c0e8761f814ae511b962b45e9136e095c6ef1113c6e02ac17b5fdba0186d5b2b1c93f24554eb8ba00b6394b92f8f1153e4fe58f868e29d5cd6a4a98acf62d90
Static task: static1
Behavioral task: behavioral1
Sample: c25e427b4cc4f925eb98334fd1795f2e3dc09eaf4df8cf1342dbca9ae33e18f9.exe
Resource: win10v2004-en-20220113
Malware Config
Extracted
redline
new1
78.47.178.190:24520
auth_value: b9c3e1c18594ac1d05598a5a956de4fb
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext