General
-
Target
880412260564224d36a8407e38a8a58ac19aea2d1133535f8034f7dcf6889f64
-
Size
735KB
-
Sample
220315-a89sssgdfq
-
MD5
07a7b333916388a9c79677654bd38c58
-
SHA1
654845924294710677dec0c184dea4f449d34bf9
-
SHA256
880412260564224d36a8407e38a8a58ac19aea2d1133535f8034f7dcf6889f64
-
SHA512
6f13f24779c50410bc4fd110f877654be15c4992da7c06b89c475a5d5dab744324bd3ed01a28fb153907d0c72dceeb6f4d5a4d3e0c5cda9ac2d02821c5306f7c
Static task
static1
Behavioral task
behavioral1
Sample
880412260564224d36a8407e38a8a58ac19aea2d1133535f8034f7dcf6889f64.exe
Resource
win10-20220223-en
Malware Config
Extracted
redline
proliv2
95.216.16.35:80
-
auth_value
ca42c778a3f4017ddf8a466bc0b417b1
Targets
Target
880412260564224d36a8407e38a8a58ac19aea2d1133535f8034f7dcf6889f64
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-