General
Target
11beeea95d6006b6d76ba57c27bce7bd.exe
Size
1.3MB
Sample
220513-zkxwrsecem
MD5
11beeea95d6006b6d76ba57c27bce7bd
SHA1
399a216500f078ee141b045b2e1e7194f48689bc
SHA256
788c479dd24438feffbe33fda214468f3fbb2948d1c4c5ab24468544c7d8feed
SHA512
3dbe3db1963b63b24a5d620c31130193fb2b1a51fa1dc1bf5d6209027ea90b3d0d08e66a9d0c4a0eb1577e42c44a99d3a4cb7ee382ce0a29a64a509c6d445cd4
Static task
static1
Behavioral task
behavioral1
Sample
11beeea95d6006b6d76ba57c27bce7bd.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
11beeea95d6006b6d76ba57c27bce7bd.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
1
lisongealma.xyz:80
auth_value
5f7063331aee56b8535fe77efc265597
Targets
Target
11beeea95d6006b6d76ba57c27bce7bd.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext