General
Target: Dianthus.exe
Size: 43KB
Sample: 210427-1wqwzwzzka
MD5: 77dfc735d37c3f44ab13d253ccd5417c
SHA1: fa4d120c3f31281722c11c65aecf200634e7299b
SHA256: 802c523228e29013b5b60c643272ba0c837a7de3902c55424d7779535309a235
SHA512: e832c2ff754038f1a69374a8dc24ded93dd62cbd0a886fa04b2469ec6ab715611bf8d942d7e25016fcaf19844f19c8436d09c51f851147f1842c20e43fd2000f
Static task: static1
Behavioral task: behavioral1
Sample: Dianthus.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: Dianthus.exe
Resource: win10v20210408
Malware Config
Extracted
redline
test1
ynnnzonie.xyz:80
Targets
Target: Dianthus.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext