General
Target: 33b73473e3c2757d2dc7f3e1dd94d06cdb2aff24cf32c8a8cd5ae44decb21e6d
Size: 315KB
Sample: 220330-gy1kpshbe7
MD5: f4478de1dfeb26dae509d2c5f20eeb4b
SHA1: ff35f32a4a43a54512517f3e022c17fdbf918b05
SHA256: 33b73473e3c2757d2dc7f3e1dd94d06cdb2aff24cf32c8a8cd5ae44decb21e6d
SHA512: 5a8c96f040c11460d16968493b1d375a4f804539409ef5c9928fbea1c6fd75a572f76c099595c444b79065932ee6a6aad820cb8c8558ad88f58dd21301035c18
Static task: static1
Behavioral task: behavioral1
Sample: 33b73473e3c2757d2dc7f3e1dd94d06cdb2aff24cf32c8a8cd5ae44decb21e6d.exe
Resource: win10v2004-en-20220113

Malware Config
Extracted: redline
SHOP
81.91.178.186:19410
auth_value: 7273a6cb679b168231d3174961c76baa
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext