General
Target: b30e6d3b0e8ee87d05da437fd7b9ca6e.exe
Size: 39KB
Sample: 210422-3v7xc2fh7a
MD5: b30e6d3b0e8ee87d05da437fd7b9ca6e
SHA1: 690da147ac423b1666a6a633ca10f64f9258f25a
SHA256: f2c5b3927505fa11f06b04e8c87a54f649c2f64f70bf84248afc67b873ecb88c
SHA512: a67ea54c6fa5aaeefce3eb9bf5ce6e887ecc3302b3c9fe1597929a3b3cf43820b408413b0a3b170c0c1c6510b6f23c06af331efd73c1bd62ee115c08b1f1ee66
Static task: static1
Behavioral task: behavioral1 (sample: b30e6d3b0e8ee87d05da437fd7b9ca6e.exe, resource: win7v20210408)
Behavioral task: behavioral2 (sample: b30e6d3b0e8ee87d05da437fd7b9ca6e.exe, resource: win10v20210410)
Malware Config
Extracted family: redline
Botnet: EU
C2: download3.info:80
Targets
Target: b30e6d3b0e8ee87d05da437fd7b9ca6e.exe (39KB; hashes as listed under General)
Score: 10/10
Signatures:
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext