General
- Target: 4a136b737d9e08d4d04f661f050447f5a2ef4c2d1834e434f3bcaf2b85526175
- Size: 529KB
- Sample: 220712-r2cyxsedaq
- MD5: 054daf924a5537dea562d6b1bea7ebd7
- SHA1: 5ca2df89fa45d5fe8544033cad2e5116417761b6
- SHA256: 4a136b737d9e08d4d04f661f050447f5a2ef4c2d1834e434f3bcaf2b85526175
- SHA512: a118c2a0d4056d611c90d9c16bafde79799afdba01adcf905c8c044facf78ed36e630e6bda8323c23a7331a14cf15a2a3c9226fb3e559e466896123c025b8e25
Static task: static1
Behavioral task: behavioral1
- Sample: 4a136b737d9e08d4d04f661f050447f5a2ef4c2d1834e434f3bcaf2b85526175.exe
- Resource: win7-20220414-en
Behavioral task: behavioral2
- Sample: 4a136b737d9e08d4d04f661f050447f5a2ef4c2d1834e434f3bcaf2b85526175.exe
- Resource: win10v2004-20220414-en
Malware Config
Extracted: redline
- fullynew
- rlmushahel.xyz:80
Targets
Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Obfuscated with Agile.Net obfuscator: Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
- Suspicious use of SetThreadContext