General
Target
20144ac4b35cda8d0df43bacffb09aaa82e61c367001d87bd80e233127c41f75
Size
3.6MB
Sample
220612-q1va5saad2
MD5
4f1c1dee549fe45bfc4d69f251c3bbfe
SHA1
2771a162d86f1658a37ad50b55e73c38ebf4459a
SHA256
20144ac4b35cda8d0df43bacffb09aaa82e61c367001d87bd80e233127c41f75
SHA512
15b3d64c333e679a37661a21bff192cb6e76f63b3a1b409ae1ec1401893b77d9b76bafff01b3efbdcf7e15a60b55c4f424a161772423c264a3c64d8405255581
Static task
static1
Behavioral task
behavioral1
Sample
20144ac4b35cda8d0df43bacffb09aaa82e61c367001d87bd80e233127c41f75.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
20144ac4b35cda8d0df43bacffb09aaa82e61c367001d87bd80e233127c41f75.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
test1
disandillanne.xyz:80
auth_value
49b58bceac3797b6c21fd0772031e010
Targets
Target
20144ac4b35cda8d0df43bacffb09aaa82e61c367001d87bd80e233127c41f75
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext