General

Target: bd7bdf1fe2307d49c71109ee8a7759b1919bccf1f0e6ee3daa76cf3834d7e3be
Size: 295KB
Sample: 220608-2ntdvshbg2
MD5: d5a4071b7a2b6f45c5178f636bfa1b93
SHA1: 89f57ed6b2659e21bdc10c4e7d80efb339d13b3a
SHA256: bd7bdf1fe2307d49c71109ee8a7759b1919bccf1f0e6ee3daa76cf3834d7e3be
SHA512: 35d5e7f58fef352d1ed74fbd22fb4da226e0fbc46324ecc34475bd0ee16ce8ab006d165e52d5444c77f4f14abd6a724dcf121dba47e1db9ccf94360394db9e66

Static task: static1

Behavioral task: behavioral1
Sample: bd7bdf1fe2307d49c71109ee8a7759b1919bccf1f0e6ee3daa76cf3834d7e3be.exe
Resource: win10v2004-20220414-en

Malware Config

Extracted: redline
1. 89.22.227.236:22009
auth_value: 2a9c7589a4287e8852c51a7124d88669

Targets

Target: bd7bdf1fe2307d49c71109ee8a7759b1919bccf1f0e6ee3daa76cf3834d7e3be
Size: 295KB
MD5: d5a4071b7a2b6f45c5178f636bfa1b93
SHA1: 89f57ed6b2659e21bdc10c4e7d80efb339d13b3a
SHA256: bd7bdf1fe2307d49c71109ee8a7759b1919bccf1f0e6ee3daa76cf3834d7e3be
SHA512: 35d5e7f58fef352d1ed74fbd22fb4da226e0fbc46324ecc34475bd0ee16ce8ab006d165e52d5444c77f4f14abd6a724dcf121dba47e1db9ccf94360394db9e66
Score: 10/10

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Suspicious use of SetThreadContext