General
Target: c1c1278e20d3873a088dbe56dc1f59f3
Size: 299KB
Sample: 220603-cvtkrsfcb9
MD5: c1c1278e20d3873a088dbe56dc1f59f3
SHA1: b23531bf87624a717183756de5954cb059fd3df1
SHA256: c6ebefab2e87ee95b7bd9946bd7bf35ef367e0a8e6dcbc3722b7f7984a5ec272
SHA512: 6756218a1618c14e040060075fcf52b15349b83fb7acddf2b304fd1fc2c023e957265d206e45cb46ce1082002fa9fef6ed5ba2460bfa50278e7598fe19f071c0
Static task: static1
Behavioral task: behavioral1
Sample: c1c1278e20d3873a088dbe56dc1f59f3.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: c1c1278e20d3873a088dbe56dc1f59f3.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
redline
1
65.108.5.252:43673
auth_value: 95517c2a2f56575288c35d9dfde4a6aa
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext