General
Target: mal.exe
Size: 1.5MB
Sample: 220815-rdt8asbehj
MD5: 84d23b22008035354bbabc93aa8d5da7
SHA1: eb776a76b6691a6151b3a4cfcbd5ae6ac5bcf8f6
SHA256: 502c32dd4ce9820711f0840c33e7de4c69617802160870e2a4f02690ae28029c
SHA512: 1f24991660fffff3ffd42d039a4598625bdc9b0c1e331d8c6145095c207dd4639af5144b275c60a811091edc86433e261d4bd8b56feec229dfb6cce70c9df67d
Static task: static1
Behavioral task: behavioral1
Sample: mal.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: mal.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
redline
X
45.76.223.107:25950
auth_value: 249e1ece2f90b39d9c5563282076f21f
Targets
Target: mal.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext