General
Target: tmp
Size: 1.2MB
Sample: 220622-kpzhtscacq
MD5: 455400def1f221f6947098b7f8b744b2
SHA1: e0a33de435792d33be25ee3a667b29b780dfac5e
SHA256: cc265c5d066b1eb28af641a7676061e145955fbee0e410dc5fdfb8bdb9676695
SHA512: 6960f5831259c23a3c56b85cbced1512e7063ca313baddb8423ec43a11f9bfc34aeee6e6f57396ca18b84e07c2c21b483c820bc79f0505fd6cd88dd7662f9e3c
Static task: static1
Behavioral task: behavioral1
Sample: tmp.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: tmp.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
redline
76
139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c
Targets
Target: tmp
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of SetThreadContext