General
Target: 4ff9d33d146bde7f85713f2a7da2cebf.exe
Size: 1.4MB
Sample: 210226-dg2gbhzst6
MD5: 4ff9d33d146bde7f85713f2a7da2cebf
SHA1: a56f3a9d26e72d93c11d218b91ac630c7045a517
SHA256: e9a66c730fa980242a636338edc5351b82fc20ac3425b6bc1f3e4ec5ed8a5fe2
SHA512: 5d46074fa0083c18f326689d42e84cf91acde156d973f45a645ce3aba0305590d02bc050a55e46ea091a384baf5bac81ca1c183aecfd8f39135dfa847c28bb73
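The four digests above identify one file, so a triage script should hash a candidate once and compare every algorithm, not just SHA256: a file that matches one digest and not the others is either a typo in the indicator list or something worth a closer look. The following is an added example, not part of the sandbox report or of any analysis tooling; it copies the indicators from this report into a dictionary, reads the file in chunks so large samples do not have to fit in memory, and reports which algorithms matched. The file path on the command line and the `chunk_size` parameter are the only assumptions.

```python
"""Match a file against the hash indicators published in the sandbox report above.

Added example (not from the report). Usage: python ioc_match.py <file> [<file> ...]
"""
import hashlib
import io
import sys
from typing import BinaryIO, Dict, List, Mapping

# Indicators copied verbatim from the report for sample 210226-dg2gbhzst6.
REDLINE_IOCS: Dict[str, str] = {
    "md5": "4ff9d33d146bde7f85713f2a7da2cebf",
    "sha1": "a56f3a9d26e72d93c11d218b91ac630c7045a517",
    "sha256": "e9a66c730fa980242a636338edc5351b82fc20ac3425b6bc1f3e4ec5ed8a5fe2",
    "sha512": (
        "5d46074fa0083c18f326689d42e84cf91acde156d973f45a645ce3aba0305590"
        "d02bc050a55e46ea091a384baf5bac81ca1c183aecfd8f39135dfa847c28bb73"
    ),
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(stream: BinaryIO, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Hash a binary stream once with all four algorithms.

    The stream is consumed in chunk_size pieces and every hasher is fed the
    same chunk, so the file is read exactly once regardless of its size.
    Returns lowercase hex digests keyed by algorithm name.
    """
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for hasher in hashers.values():
            hasher.update(chunk)
    return {name: hasher.hexdigest() for name, hasher in hashers.items()}


def digest_bytes(data: bytes, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Convenience wrapper for in-memory data (used by the tests below)."""
    return digest_stream(io.BytesIO(data), chunk_size=chunk_size)


def match_iocs(digests: Mapping[str, str], iocs: Mapping[str, str]) -> List[str]:
    """Return the names of the algorithms whose digest equals the indicator.

    Comparison is case-insensitive because reports and feeds disagree on
    hex casing. A result that lists some algorithms but not all of them
    means the candidate agrees with only part of the indicator set and
    should be reviewed by hand rather than treated as a confirmed match.
    """
    return [
        name
        for name in ALGORITHMS
        if name in digests and name in iocs
        and digests[name].lower() == iocs[name].lower()
    ]


def check_file(path: str, iocs: Mapping[str, str] = REDLINE_IOCS) -> List[str]:
    """Hash the file at path and return the matching algorithm names."""
    with open(path, "rb") as fh:
        return match_iocs(digest_stream(fh), iocs)


def main(argv: List[str]) -> int:
    if len(argv) < 2:
        print(__doc__)
        return 2
    hit = 0
    for path in argv[1:]:
        matched = check_file(path)
        status = "MATCH" if matched else "no match"
        print(f"{path}: {status} {matched if matched else ''}".rstrip())
        hit |= bool(matched)
    return 1 if hit else 0  # non-zero exit when an indicator matched


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The exit code is inverted from the usual convention on purpose: a match is the condition a pipeline wants to stop on, so it returns non-zero. Extend `REDLINE_IOCS` to a list of dictionaries if you are checking against more than one report.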
Static task: static1
Behavioral task: behavioral1
Sample: 4ff9d33d146bde7f85713f2a7da2cebf.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 4ff9d33d146bde7f85713f2a7da2cebf.exe
Resource: win10v20201028
Malware Config
Targets
Target: 4ff9d33d146bde7f85713f2a7da2cebf.exe
Size: 1.4MB
MD5: 4ff9d33d146bde7f85713f2a7da2cebf
SHA1: a56f3a9d26e72d93c11d218b91ac630c7045a517
SHA256: e9a66c730fa980242a636338edc5351b82fc20ac3425b6bc1f3e4ec5ed8a5fe2
SHA512: 5d46074fa0083c18f326689d42e84cf91acde156d973f45a645ce3aba0305590d02bc050a55e46ea091a384baf5bac81ca1c183aecfd8f39135dfa847c28bb73
Score: 10/10
RedLine
RedLine Stealer is an information stealer written in C# (.NET), first seen in early 2020 and sold as a service on underground forums. It harvests saved browser credentials, cookies and autofill data, cryptocurrency wallet files, and credentials from FTP and VPN clients, and sends the collection to its command-and-control server.
Signatures:
- RedLine Payload
- Executes dropped EXE: the sample writes a second executable to disk and runs it.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext: SetThreadContext rewrites the register state of a thread in another process, which is how a loader redirects the main thread of a suspended child process after replacing its memory (process hollowing). Together with "Executes dropped EXE", this is consistent with the RedLine payload being injected into a child process rather than run directly; the report does not identify the target process, so confirm the hollowed process in the behavioral task logs before writing a detection around it.