General
-
Target
65360019.exe
-
Size
4.6MB
-
Sample
220323-fe5jwafdg5
-
MD5
8daaa6e60c0c7287492aabf5614967ca
-
SHA1
bc63fc6924c57b09d310288cca7eecda6c64a0b7
-
SHA256
aa0b78eec724b44accdd3d1d0bd7f6b775664acb4333328269c4cf6f4dd190f8
-
SHA512
ba72f9f44aff4bd0ec34df893f81ba60a6aff935c167765964a88b902c887b0be62b9a75acf25ab0f3a4c3b4de59055c540820a71e22eebd9bef3a8b86fbd6b7
Static task
static1
Behavioral task
behavioral1
Sample
65360019.exe
Resource
win7-20220310-en
Behavioral task
behavioral2
Sample
65360019.exe
Resource
win10v2004-20220310-en
Malware Config
Extracted
redline
@JABKA9983
95.214.8.54:25565
-
auth_value
6da5168841968f263b7c520ddc0c88b3
Targets
-
-
Target
65360019.exe
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Suspicious use of SetThreadContext
-