General

Target: 438c9c3167e2eb5d8e3325c1c7b27c8beb881e07e67e52db6e86139146886c08
Size: 848KB
Sample: 220316-zrezjagdg7
MD5: b4a63487a982b6bba3284225d89f25d5
SHA1: e8009e282e76f9d31f2761ba073b879ce417fd00
SHA256: 438c9c3167e2eb5d8e3325c1c7b27c8beb881e07e67e52db6e86139146886c08
SHA512: bb23f408604bbb41c6be8a04277f384cdd75e17cbe189cb593cb9b841ac23745244747736793e0bceef9b830729a5c2939c232da2c87648132dd79b6bb4618a2
Static task: static1

Behavioral task: behavioral1
Sample: 438c9c3167e2eb5d8e3325c1c7b27c8beb881e07e67e52db6e86139146886c08.exe
Resource: win7-20220310-en

Behavioral task: behavioral2
Sample: 438c9c3167e2eb5d8e3325c1c7b27c8beb881e07e67e52db6e86139146886c08.exe
Resource: win10v2004-20220310-en
Malware Config

Extracted family: redline
Botnet: YT
C2: 193.38.55.97:35200
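The hashes and the extracted C2 above are the actionable output of this report. The following script is an added example, not part of the sandbox report or of any RedLine tooling: it loads those indicators, sanity-checks that each hash is well-formed (a truncated or mis-copied digest is a common transcription error), hashes arbitrary file bytes against them, and scans constructed firewall-style connection log lines for the C2, distinguishing an exact host:port hit from the same host on another port. The log lines, the `src=`/`dst=` field format and the host addresses in them are assumptions made up for the example.

```python
"""IOC matching for the RedLine sample in this report.

Added example, not part of the sandbox report: it loads the hashes and C2
extracted above and applies them to (a) arbitrary file bytes and (b)
constructed firewall-style connection log lines.
"""
import hashlib
import re
from typing import Dict, List

# Indicators copied from the report above.
IOC_HASHES: Dict[str, str] = {
    "md5": "b4a63487a982b6bba3284225d89f25d5",
    "sha1": "e8009e282e76f9d31f2761ba073b879ce417fd00",
    "sha256": "438c9c3167e2eb5d8e3325c1c7b27c8beb881e07e67e52db6e86139146886c08",
    "sha512": "bb23f408604bbb41c6be8a04277f384cdd75e17cbe189cb593cb9b841ac23745"
              "244747736793e0bceef9b830729a5c2939c232da2c87648132dd79b6bb4618a2",
}
C2_HOST = "193.38.55.97"
C2_PORT = 35200

# Expected hex-digest lengths; a hash that fails this check was probably
# truncated or mis-copied when the IOCs were transcribed.
DIGEST_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_iocs(hashes: Dict[str, str] = IOC_HASHES) -> List[str]:
    """Return the names of hashes that are not lowercase hex of the right length."""
    bad = []
    for name, value in hashes.items():
        if len(value) != DIGEST_HEX_LEN[name] or not re.fullmatch(r"[0-9a-f]+", value):
            bad.append(name)
    return bad


def match_file_bytes(data: bytes, hashes: Dict[str, str] = IOC_HASHES) -> List[str]:
    """Hash the bytes with every algorithm in the IOC set; return the algorithms that match."""
    return [name for name, expected in hashes.items()
            if hashlib.new(name, data).hexdigest() == expected]


# Constructed log lines (assumed 'key=value' firewall format, not from the report).
SAMPLE_LOG = """\
2022-03-16T21:04:10Z action=allow src=10.0.0.15:49812 dst=193.38.55.97:35200 proto=tcp
2022-03-16T21:04:11Z action=allow src=10.0.0.15:49813 dst=142.250.74.46:443 proto=tcp
2022-03-16T21:05:00Z action=allow src=10.0.0.22:51000 dst=193.38.55.97:443 proto=tcp
2022-03-16T21:05:30Z action=deny src=10.0.0.22:51001 dst=193.38.55.97:35200 proto=tcp
"""

DST_RE = re.compile(r"\bdst=(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)\b")
SRC_RE = re.compile(r"\bsrc=(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):\d+\b")


def match_connections(log_text: str, host: str = C2_HOST, port: int = C2_PORT) -> List[dict]:
    """Flag connections to the extracted C2.

    'c2' = exact host:port match; 'c2-host' = same host on another port, which
    is worth a look (operators move ports) but is a weaker indicator. Denied
    attempts are still reported: a blocked beacon still identifies an infected source.
    """
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        dst = DST_RE.search(line)
        if not dst or dst.group("ip") != host:
            continue
        src = SRC_RE.search(line)
        dst_port = int(dst.group("port"))
        hits.append({
            "line": lineno,
            "src": src.group("ip") if src else None,
            "dst_port": dst_port,
            "confidence": "c2" if dst_port == port else "c2-host",
        })
    return hits


def affected_hosts(log_text: str) -> List[str]:
    """Distinct source hosts that made (or attempted) an exact C2 host:port connection."""
    return sorted({h["src"] for h in match_connections(log_text)
                   if h["confidence"] == "c2" and h["src"]})


if __name__ == "__main__":
    print("malformed IOC hashes:", validate_iocs() or "none")
    print("benign bytes match:", match_file_bytes(b"MZ not the sample"))
    for hit in match_connections(SAMPLE_LOG):
        print(hit)
    print("hosts to isolate:", affected_hosts(SAMPLE_LOG))
```

Hash matching is exact-match only, so a repacked or recompiled RedLine build will not hit; the C2 host:port is the more durable indicator for this sample, and the `c2-host` tier exists so that a port change by the operator still surfaces for review rather than being silently dropped.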
Targets

Target: 438c9c3167e2eb5d8e3325c1c7b27c8beb881e07e67e52db6e86139146886c08
Size: 848KB (MD5, SHA1, SHA256 and SHA512 as listed under General above)
Score: 10/10

- RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Suspicious use of SetThreadContext
SetThreadContext is a common building block of process hollowing and thread hijacking, where code is written into a suspended process or thread and execution is redirected to it. The report records only the API use, not which process or thread was targeted.