General
-
Target
51396197.exe
-
Size
490KB
-
Sample
220322-xzcs2adebr
-
MD5
299b400d98ec9cd5115e1d969c915bdf
-
SHA1
2a53cd1d2380ce1115fcf891a8f9f53a5f6f6e65
-
SHA256
286bb7855ae2d5a4963f4cefb78127cedff7ce7755e6da993be7c45c76676dd9
-
SHA512
b837c5d7476234e9e7878fb8d44c5c0753fe697e187465735e6638943ffb164cef1677981490aea08d146bd4a59889c156f8052f9b25b674a1e941a87cf62540
Static task
static1
Behavioral task
behavioral1
Sample
51396197.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
51396197.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
redline
eu
78.47.178.190:24520
-
auth_value
54fe6111ca0a53cc008202163fe15980
Targets
Target
51396197.exe
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Suspicious use of SetThreadContext
-