General
-
Target
c91ee695fb403d39fb7a7d226fea9a859645451b41dd2739bc61920b39ceb1a8
-
Size
1.3MB
-
Sample
220516-b9jtfabeep
-
MD5
d0eae19aa9c5bddb4bb42ca64d1f0c93
-
SHA1
dc03c706821b0fcd0621e35caa6f76812c764d11
-
SHA256
c91ee695fb403d39fb7a7d226fea9a859645451b41dd2739bc61920b39ceb1a8
-
SHA512
40caa2f3a0b22b152831c48c0e3b22b53ee91f50369eb0039084ed2a255e4fc6bd2f64b68f849a14781e07da22c5e5fa8e1a4d20533c8eb78d031cad75412f71
Static task
static1
Behavioral task
behavioral1
Sample
c91ee695fb403d39fb7a7d226fea9a859645451b41dd2739bc61920b39ceb1a8.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
c91ee695fb403d39fb7a7d226fea9a859645451b41dd2739bc61920b39ceb1a8.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
now
185.193.38.27:80
Targets
-
-
Target
c91ee695fb403d39fb7a7d226fea9a859645451b41dd2739bc61920b39ceb1a8
-
Size
1.3MB
-
MD5
d0eae19aa9c5bddb4bb42ca64d1f0c93
-
SHA1
dc03c706821b0fcd0621e35caa6f76812c764d11
-
SHA256
c91ee695fb403d39fb7a7d226fea9a859645451b41dd2739bc61920b39ceb1a8
-
SHA512
40caa2f3a0b22b152831c48c0e3b22b53ee91f50369eb0039084ed2a255e4fc6bd2f64b68f849a14781e07da22c5e5fa8e1a4d20533c8eb78d031cad75412f71
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Suspicious use of SetThreadContext
-