General
-
Target
bf7e12c58996d3eeccb1579cf7deebad
-
Size
27KB
-
Sample
220714-gw4vcahdaq
-
MD5
bf7e12c58996d3eeccb1579cf7deebad
-
SHA1
7fa3364a66007c45f86fba9554be731dcd3cf214
-
SHA256
e6a1af25f5810aae04d269ee7d6d36595943b194dc24a0f55f839a6a41337aca
-
SHA512
2fd3c6045ab0ebca474537d29bb455889ea4c6fa50b83e2d2dc3f72dd527a06c0ba22ee3aa52f290481e1b942ef68ab59762700bdc50931fb774bbf04eefd8a7
Static task
static1
Behavioral task
behavioral1
Sample
bf7e12c58996d3eeccb1579cf7deebad.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
bf7e12c58996d3eeccb1579cf7deebad.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
build
172.93.213.137:7525
Targets
-
-
Target
bf7e12c58996d3eeccb1579cf7deebad
-
Size
27KB
-
MD5
bf7e12c58996d3eeccb1579cf7deebad
-
SHA1
7fa3364a66007c45f86fba9554be731dcd3cf214
-
SHA256
e6a1af25f5810aae04d269ee7d6d36595943b194dc24a0f55f839a6a41337aca
-
SHA512
2fd3c6045ab0ebca474537d29bb455889ea4c6fa50b83e2d2dc3f72dd527a06c0ba22ee3aa52f290481e1b942ef68ab59762700bdc50931fb774bbf04eefd8a7
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-