Resubmissions
29-04-2024 08:42
240429-kma3fseh51 1028-04-2024 12:51
240428-p3kdaagb82 628-04-2024 12:50
240428-p3c9zagb79 128-04-2024 12:50
240428-p2xxzsge81 127-04-2024 12:26
240427-pmpcasba9v 1025-04-2024 15:48
240425-s8x34scc35 1024-04-2024 16:46
240424-t97jlsdd7t 1024-04-2024 12:25
240424-pllj1shg8y 1023-04-2024 15:49
240423-s9tgbahf57 1023-04-2024 10:17
240423-mbcg9afd94 1General
-
Target
https://bing.com
-
Sample
240423-s9tgbahf57
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://bing.com
Resource
win10-20240404-en
windows10-1703-x64
19 signatures
1800 seconds
Malware Config
Extracted
Family
redline
C2
45.15.156.142:33597
Targets
-
-
Target
https://bing.com
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-