General
- Target: 5d176c51389d19f6567c3d86dd516722565be77940ea92c8f65ef5a4bad953cb
- Size: 370KB
- Sample: 210829-qb73yev5ke
- MD5: 976672a3c0d501c9a66d3c07eff7ca20
- SHA1: 0e1604cf945ae9cdc21f1f1e6f0e98c14e2c9f46
- SHA256: 5d176c51389d19f6567c3d86dd516722565be77940ea92c8f65ef5a4bad953cb
- SHA512: bbb58e2ec46f23b1a4f0a09b7c8684c20098c229e1d96294a6155dbf425e0b21c904030d69e2df734fa3e5d4a3445c7f30ce2fdfad2173653ce0b3cefeff7557
Static task: static1
Behavioral task: behavioral1
- Sample: 5d176c51389d19f6567c3d86dd516722565be77940ea92c8f65ef5a4bad953cb.exe
- Resource: win10v20210408
Malware Config
Extracted
- Family: redline
- Botnet: BTC
- C2: tambisup.com:9825
Targets
- Target: 5d176c51389d19f6567c3d86dd516722565be77940ea92c8f65ef5a4bad953cb
- Size: 370KB
- MD5: 976672a3c0d501c9a66d3c07eff7ca20
- SHA1: 0e1604cf945ae9cdc21f1f1e6f0e98c14e2c9f46
- SHA256: 5d176c51389d19f6567c3d86dd516722565be77940ea92c8f65ef5a4bad953cb
- SHA512: bbb58e2ec46f23b1a4f0a09b7c8684c20098c229e1d96294a6155dbf425e0b21c904030d69e2df734fa3e5d4a3445c7f30ce2fdfad2173653ce0b3cefeff7557
Score: 10/10
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext (an API routinely used to redirect execution inside another process, as in process hollowing; treat it as a sign that the payload is unpacked or injected at runtime rather than run from the file on disk)
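Added example, not part of the sandbox report and not RedLine's or the sandbox vendor's code: it takes the indicators the report exposes (the sample hashes in General/Targets and the C2 host:port from the extracted config) and runs them over host and network logs. The DNS and connection records are constructed, in a simplified JSON-lines shape with RFC 5737 test addresses; the field names (`host`, `query`, `answers`, `dst`, `dport`) are assumptions and will differ from a real collector. The C2 indicator is a hostname, so the network check pivots through observed DNS answers to the resolved IPs instead of matching on the port alone, and it refuses lookalike names such as tambisup.com.example.net.

```python
"""Added example (not from the sandbox report or from RedLine): match this
report's indicators against constructed host and network logs."""
import hashlib
import json

# Indicators copied from the report above.
SAMPLE_SHA256 = "5d176c51389d19f6567c3d86dd516722565be77940ea92c8f65ef5a4bad953cb"
SAMPLE_MD5 = "976672a3c0d501c9a66d3c07eff7ca20"
C2_HOST = "tambisup.com"
C2_PORT = 9825

# Constructed JSON-lines logs (assumption: a simplified Zeek-like shape with
# RFC 5737 test addresses; a real collector's field names will differ).
DNS_LOG = """\
{"ts": 1630231001, "host": "WS01", "query": "tambisup.com", "answers": ["203.0.113.45"]}
{"ts": 1630231002, "host": "WS01", "query": "update.microsoft.com", "answers": ["198.51.100.20"]}
{"ts": 1630231100, "host": "WS07", "query": "api.tambisup.com", "answers": ["203.0.113.46"]}
{"ts": 1630231101, "host": "WS09", "query": "tambisup.com.example.net", "answers": ["192.0.2.77"]}
"""
CONN_LOG = """\
{"ts": 1630231005, "host": "WS01", "dst": "203.0.113.45", "dport": 9825, "proto": "tcp"}
{"ts": 1630231006, "host": "WS01", "dst": "198.51.100.20", "dport": 443, "proto": "tcp"}
{"ts": 1630231105, "host": "WS07", "dst": "203.0.113.46", "dport": 9825, "proto": "tcp"}
{"ts": 1630231110, "host": "WS09", "dst": "192.0.2.77", "dport": 9825, "proto": "tcp"}
{"ts": 1630231120, "host": "WS11", "dst": "192.0.2.8", "dport": 9825, "proto": "tcp"}
"""


def parse_jsonl(text: str) -> list:
    """One JSON object per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def domain_matches(query: str, ioc: str) -> bool:
    """True for the IOC domain and its subdomains. The suffix check includes
    the leading dot, so tambisup.com.example.net and notambisup.com do not
    match; a trailing dot and mixed case are normalised away."""
    q = query.lower().rstrip(".")
    ioc = ioc.lower().rstrip(".")
    return q == ioc or q.endswith("." + ioc)


def c2_ips_from_dns(dns_records: list) -> dict:
    """Pivot from the hostname IOC to IPs: collect every answer returned for
    the C2 name (or a subdomain), keyed by IP -> set of hosts that resolved it."""
    ips = {}
    for rec in dns_records:
        if domain_matches(rec["query"], C2_HOST):
            for ip in rec.get("answers", []):
                ips.setdefault(ip, set()).add(rec["host"])
    return ips


def match_conn(conn_records: list, c2_ips: dict) -> tuple:
    """Strong hit: a connection to an IP the C2 name was seen resolving to.
    Weak hit: a connection to port 9825 elsewhere; the port alone is a poor
    indicator and is reported separately so it is not mistaken for a match."""
    strong, weak = [], []
    for rec in conn_records:
        entry = (rec["host"], rec["dst"], rec["dport"])
        if rec["dst"] in c2_ips:
            strong.append(entry)
        elif rec["dport"] == C2_PORT:
            weak.append(entry)
    return strong, weak


def matches_sample(data: bytes) -> bool:
    """Compare a quarantined file's bytes against the report. Both hashes must
    agree; one matching while the other does not points at a transcription
    error in the indicator list rather than a real match."""
    return (hashlib.sha256(data).hexdigest() == SAMPLE_SHA256
            and hashlib.md5(data).hexdigest() == SAMPLE_MD5)


def triage() -> dict:
    """Run the network pivot over the constructed logs and return a summary."""
    c2_ips = c2_ips_from_dns(parse_jsonl(DNS_LOG))
    strong, weak = match_conn(parse_jsonl(CONN_LOG), c2_ips)
    return {
        "c2_ips": {ip: sorted(hosts) for ip, hosts in c2_ips.items()},
        "confirmed_c2_connections": strong,
        "port_only_matches": weak,
    }


if __name__ == "__main__":
    print(json.dumps(triage(), indent=2))
```

Running it flags WS01 and WS07 as having connected to addresses the C2 name resolved to, while WS09 (lookalike domain) and WS11 (port 9825 to an unrelated address) land only in the port-only bucket for an analyst to review. In a real environment replace the embedded logs with the collector's export and keep the DNS pivot, since the resolved IP for tambisup.com can change between the sandbox run and the hunt.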