General
Target: 88600217.exe
Size: 4.6MB
Sample: 220323-z8f8xsage7
MD5: 42c773c233daa41deb6cd9aaa3265a1f
SHA1: 3178217f4cb7cbd95a6f286717800a8a48bb4fd7
SHA256: 1176b04e2fafb75121c0123af0056d080ef97bf98f4fef47ffd7a48d55910db8
SHA512: bae421dc2ba0fb0b99b2f2155e16a575ba3299ef9f341b6110af95dfda8caf6e3c8dc36f182fd14f17adacc59eee160c655244b7e44ace6d9df043b130617071
Static task: static1
Behavioral task: behavioral1
Sample: 88600217.exe
Resource: win7-20220311-en
Behavioral task: behavioral2
Sample: 88600217.exe
Resource: win10v2004-en-20220113
Malware Config
Extracted
redline
@zhilsholi
yabynennet.xyz:81
auth_value: c2d0b7a2ede97b91495c99e75b4f27fb
Targets
Target: 88600217.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext