Resubmissions
07-05-2021 18:56
Sample: 210507-2v7r2kd3q2 (score 10/10)
General
Target: 1a51248c75d910c49f184342a912fe9cb7ace5d8.exe
Size: 136KB
Sample: 210507-2v7r2kd3q2
MD5: 7eaf6cacffb2ae2b3c3b6c2b0491e2a5
SHA1: 1a51248c75d910c49f184342a912fe9cb7ace5d8
SHA256: 6308b2097dcba28565037a65fd9354fe7cecc13df2b7459ef91153760fa8dc42
SHA512: 1bd52476a59e05e6ec5de3dc4cf7705cea37668fc8b3d143f269123cb32a582f493ffa093c3fe2d6c647d1ccef31de51c922cf48eb6f96f87c99e3aebc3d6731
Static task: static1
Behavioral task: behavioral1
  Sample: 1a51248c75d910c49f184342a912fe9cb7ace5d8.exe
  Resource: win7v20210410
Behavioral task: behavioral2
  Sample: 1a51248c75d910c49f184342a912fe9cb7ace5d8.exe
  Resource: win10v20210408
Malware Config
Extracted
Family: redline
Botnet: lyla
C2: 87.251.71.4:80
Targets
Target: 1a51248c75d910c49f184342a912fe9cb7ace5d8.exe (136KB; same MD5/SHA1/SHA256/SHA512 as listed above)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext