General
Target: eb207112f14ba9ba8bd62500f5a10f07a15af70d6c4fbc1d6ee0b9e14b685c24
Size: 1024KB
Sample: 220524-s8z8gagea9
MD5: 77754f3a52aa773c9d3a7800e6ef5175
SHA1: 35b044fd8435b6a886f5ad69938b4d5f60c92069
SHA256: eb207112f14ba9ba8bd62500f5a10f07a15af70d6c4fbc1d6ee0b9e14b685c24
SHA512: 14a3d73698ea2872508e9ed2fcc62aea016a56da096bd5b24cfed3e85ccf771c794a69bdabf48c26d6f1eddb34be04883ad7099a14b60ec36cb879968717d128
Static task: static1
Behavioral task: behavioral1
Sample: eb207112f14ba9ba8bd62500f5a10f07a15af70d6c4fbc1d6ee0b9e14b685c24.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: eb207112f14ba9ba8bd62500f5a10f07a15af70d6c4fbc1d6ee0b9e14b685c24.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Family: redline
Botnet: 10
C2: 195.161.41.203:80
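The extracted config and the file digests above are the two things a responder actually reuses from a report like this: the digests to confirm that a file found on a host is the same build before trusting this verdict, and the C2 host:port to search connection logs. The following Python is an added example, not part of the report or of any sandbox tooling; the log lines it scans are constructed and hypothetical, and the log layout, the function names and the two match tiers (exact host:port versus host only) are my own choices.

```python
import hashlib
import re

# Indicators transcribed from the report above for sample 220524-s8z8gagea9.
REPORT_HASHES = {
    "md5": "77754f3a52aa773c9d3a7800e6ef5175",
    "sha1": "35b044fd8435b6a886f5ad69938b4d5f60c92069",
    "sha256": "eb207112f14ba9ba8bd62500f5a10f07a15af70d6c4fbc1d6ee0b9e14b685c24",
    "sha512": "14a3d73698ea2872508e9ed2fcc62aea016a56da096bd5b24cfed3e85ccf771c794a69bdabf48c26d6f1eddb34be04883ad7099a14b60ec36cb879968717d128",
}
C2_HOST = "195.161.41.203"
C2_PORT = 80


def digest_all(data: bytes) -> dict:
    """Compute the same four digests the report lists, for a file's bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def is_report_sample(data: bytes) -> bool:
    """True only when every digest matches. A single mismatch means a different
    file (a repacked build, a truncated download), so this report's verdict and
    config must not be assumed to apply to it."""
    return digest_all(data) == REPORT_HASHES


# Constructed, hypothetical connection-log lines (not taken from the report), in a
# "<timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>" layout.
SAMPLE_LOG = """\
2022-05-24T10:01:02Z 10.0.0.15:49712 -> 142.250.74.78:443 tcp
2022-05-24T10:01:09Z 10.0.0.15:49720 -> 195.161.41.203:80 tcp
2022-05-24T10:01:11Z 10.0.0.23:52210 -> 195.161.41.203:443 tcp
2022-05-24T10:01:30Z 10.0.0.15:49731 -> 195.161.41.203:80 tcp
malformed line that the parser must skip
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+) (?P<proto>\w+)$"
)


def c2_hits(log_text: str) -> list:
    """Match connections against the extracted C2.

    Returns one dict per matching line. 'host_port' is the exact indicator from
    the config; 'host_only' flags the same address on a different port, which is
    worth a look (operators move ports) but is weaker evidence on its own."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the expected shape
        if m["dst"] != C2_HOST:
            continue
        kind = "host_port" if int(m["dport"]) == C2_PORT else "host_only"
        hits.append({"ts": m["ts"], "src": m["src"], "dport": int(m["dport"]), "match": kind})
    return hits


def affected_hosts(log_text: str) -> set:
    """Source addresses that reached the exact C2 host:port; these are the
    machines to triage first."""
    return {h["src"] for h in c2_hits(log_text) if h["match"] == "host_port"}


if __name__ == "__main__":
    print("is report sample:", is_report_sample(b"placeholder bytes, not the real sample"))
    for hit in c2_hits(SAMPLE_LOG):
        print(hit)
    print("affected hosts:", sorted(affected_hosts(SAMPLE_LOG)))
```

The C2 sits on port 80, so a bare destination-port match would drown in ordinary web traffic; the matcher keys on the address first and only then grades by port. An IP indicator of this kind ages quickly, so treat a hit as a lead to confirm on the host (the dropped files and the digests above), not as a verdict by itself.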
Targets
Target: eb207112f14ba9ba8bd62500f5a10f07a15af70d6c4fbc1d6ee0b9e14b685c24
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext (the API that rewrites another thread's register state; a common marker of process-injection techniques such as process hollowing, where a payload is written into a suspended process and its entry point redirected)