General
-
Target
118e8f3dd722b00bde8571f3b84cb278c21517e2c97e2795783b55263f44f1b5
-
Size
3.6MB
-
Sample
220604-c7hc9safbj
-
MD5
34a6cfdf1745cec12dfbbf98c3b9f9e5
-
SHA1
11727439dc908ac568b280e9ce83a0abe013df20
-
SHA256
118e8f3dd722b00bde8571f3b84cb278c21517e2c97e2795783b55263f44f1b5
-
SHA512
5e021c59b6aba8029ba22fffcd947502b1901759501338f5b806b35928fd29b5d780121ed923cd209eb8ad4b950d11a134566b9c647d3c6f8a25e95b84138437
Static task
static1
Behavioral task
behavioral1
Sample
118e8f3dd722b00bde8571f3b84cb278c21517e2c97e2795783b55263f44f1b5.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
118e8f3dd722b00bde8571f3b84cb278c21517e2c97e2795783b55263f44f1b5.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
test1
disandillanne.xyz:80
-
auth_value
49b58bceac3797b6c21fd0772031e010
Targets
-
-
Target
118e8f3dd722b00bde8571f3b84cb278c21517e2c97e2795783b55263f44f1b5
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Suspicious use of SetThreadContext
-