General
-
Target
0a5868a0d7675fa7337a8da498274608c29715d615288d2e0d7a728425ebd9d4
-
Size
486KB
-
Sample
220530-s1396aace4
-
MD5
94171bdb6de49f25dfa8185e60082b36
-
SHA1
dcd0848a0152bc09940a39c3093b4887fed53883
-
SHA256
0a5868a0d7675fa7337a8da498274608c29715d615288d2e0d7a728425ebd9d4
-
SHA512
0fe844b78b66bab1ab36afc01adc95d2e9b90ec42efac9d510ecfac4d21c9ca49d4d037becc7613b4a1db33af7795b5e75ccea03fec1a5af85d67908a173385b
Static task
static1
Behavioral task
behavioral1
Sample
0a5868a0d7675fa7337a8da498274608c29715d615288d2e0d7a728425ebd9d4.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
0a5868a0d7675fa7337a8da498274608c29715d615288d2e0d7a728425ebd9d4.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
600$5
193.38.235.192:43770
-
auth_value
dd54f25665dc6af5439959d34a36bf6b
Targets
Target
0a5868a0d7675fa7337a8da498274608c29715d615288d2e0d7a728425ebd9d4
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger