General
-
Target
6F2CE8E8650D5523A7BCD85A4BDB59F39523EE49652321A906A72445DD3B9D73
-
Size
2.5MB
-
Sample
220812-bfn63aeffl
-
MD5
df508168f27e48f10a8329b034a635e7
-
SHA1
86a62a26f4eaf35bc81f15b05b059f5d83ee00d6
-
SHA256
6f2ce8e8650d5523a7bcd85a4bdb59f39523ee49652321a906a72445dd3b9d73
-
SHA512
d1b2e717b9b33463247a644cd8bb0f32dbbe38ecb4a78c55488d55062d4aa784004fa9d93b35e92ac9140b26639a2ef7e602d977c916a03d6ae111d81445cc66
Static task
static1
Behavioral task
behavioral1
Sample
6F2CE8E8650D5523A7BCD85A4BDB59F39523EE49652321A906A72445DD3B9D73.exe
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
6F2CE8E8650D5523A7BCD85A4BDB59F39523EE49652321A906A72445DD3B9D73.exe
Resource
win10-20220718-en
Malware Config
Extracted
redline
yt
193.124.22.7:13417
-
auth_value
778bc9af4179a5317bc72a9c954a0dd2
Targets
-
-
Target
6F2CE8E8650D5523A7BCD85A4BDB59F39523EE49652321A906A72445DD3B9D73
-
Size
2.5MB
-
MD5
df508168f27e48f10a8329b034a635e7
-
SHA1
86a62a26f4eaf35bc81f15b05b059f5d83ee00d6
-
SHA256
6f2ce8e8650d5523a7bcd85a4bdb59f39523ee49652321a906a72445dd3b9d73
-
SHA512
d1b2e717b9b33463247a644cd8bb0f32dbbe38ecb4a78c55488d55062d4aa784004fa9d93b35e92ac9140b26639a2ef7e602d977c916a03d6ae111d81445cc66
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-