General
Target
9d999627deac3d67198da86f03c85f6b41e3caa929ea311656b592766642ae1f
Size
1.2MB
Sample
220520-hpsdeahfhq
MD5
0160e32d94d073452d3d32b7db8bc8a2
SHA1
c4368949e474c4d6009576f0160dbb41b62b9f77
SHA256
9d999627deac3d67198da86f03c85f6b41e3caa929ea311656b592766642ae1f
SHA512
7bcb86f412c5280096ace344395d1d19656d9ce28fca25564ff3eff797ee233ef0b6be3a6d3c8ff50ab1e554d8cc76c946ea7cf80a69b7155ff76ea7ba1897b4
Static task
static1
Behavioral task
behavioral1
Sample
9d999627deac3d67198da86f03c85f6b41e3caa929ea311656b592766642ae1f.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
9d999627deac3d67198da86f03c85f6b41e3caa929ea311656b592766642ae1f.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
1
65.21.239.87:34105
auth_value
95517c2a2f56575288c35d9dfde4a6aa
Targets
Target
9d999627deac3d67198da86f03c85f6b41e3caa929ea311656b592766642ae1f
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext