General
Target: 63a34871b484152dce8b02ce232207e288049a55ff148d0eee8d7571842d40ab
Size: 416KB
Sample: 210926-t1m4lsfbd5
MD5: 440c6427f359554d5152d93dbb272cc2
SHA1: 1be9b53d33272b3730bf564d1f2b39119cfb7c78
SHA256: 63a34871b484152dce8b02ce232207e288049a55ff148d0eee8d7571842d40ab
SHA512: 23e14a24c21a89c0222ab2b6a8ae77be7ff788abfa1b1ed3377723ec49d8b0969e84f26142abe564f2eb20ae6986b70f0ba885af394762bae2e383301fd3c2f8
Static task: static1
Behavioral task: behavioral1
Sample: 63a34871b484152dce8b02ce232207e288049a55ff148d0eee8d7571842d40ab.exe
Resource: win10v20210408

Malware Config
Extracted
Family: redline
Botnet: Teslalogs
C2: 91.206.14.151:50125
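The extracted configuration above gives two things a responder can act on right away: the file hashes of the dropped sample and the C2 endpoint the stealer reports to. The following script, added here as an example and not part of the sandbox report, turns those indicators into a sweep over Zeek-style connection records and over file contents. The log lines are constructed for illustration; the hashes and the C2 address are the ones listed on this page. It flags a connection to the C2 host on the configured port as a firm hit and a connection to the same host on any other port as a weaker, host-only hit, since RedLine panels are often reused across ports.

```python
"""IOC sweep built from the indicators in the report above.

Added example, not code from the sandbox or the RedLine authors. The
connection records are constructed sample data; the hash and C2 values
are taken from the report.
"""
import hashlib
from typing import Dict, List

# Hashes of the analysed sample, as listed in the report.
IOC_HASHES: Dict[str, str] = {
    "md5": "440c6427f359554d5152d93dbb272cc2",
    "sha1": "1be9b53d33272b3730bf564d1f2b39119cfb7c78",
    "sha256": "63a34871b484152dce8b02ce232207e288049a55ff148d0eee8d7571842d40ab",
}

# C2 endpoint from the extracted RedLine config.
C2_HOST = "91.206.14.151"
C2_PORT = 50125

# Constructed sample records (tab-separated): ts, src, sport, dst, dport, proto.
# The second line is benign DNS; the third reuses the C2 host on another port.
SAMPLE_CONN_LOG = (
    "1632670001.123\t10.0.0.15\t49811\t91.206.14.151\t50125\ttcp\n"
    "1632670002.456\t10.0.0.15\t49812\t8.8.8.8\t53\tudp\n"
    "1632670003.789\t10.0.0.22\t49900\t91.206.14.151\t443\ttcp\n"
)


def parse_conn_log(text: str) -> List[dict]:
    """Parse tab-separated connection records into dicts, skipping comments."""
    records = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, sport, dst, dport, proto = line.split("\t")
        records.append({
            "ts": float(ts), "src": src, "sport": int(sport),
            "dst": dst, "dport": int(dport), "proto": proto,
        })
    return records


def find_c2_connections(text: str, host: str = C2_HOST, port: int = C2_PORT) -> List[dict]:
    """Return records destined for the C2 host, tagged by match strength.

    'host+port' means the exact endpoint from the config; 'host' means the
    same address on a different port, which still deserves a look.
    """
    hits = []
    for rec in parse_conn_log(text):
        if rec["dst"] != host:
            continue
        strength = "host+port" if rec["dport"] == port else "host"
        hits.append(dict(rec, match=strength))
    return hits


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the three digests the report lists for a blob of file content."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def matches_known_sample(data: bytes) -> List[str]:
    """Return the names of the digests that match the report's sample hashes."""
    digests = hash_bytes(data)
    return [name for name, value in IOC_HASHES.items() if digests[name] == value]


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"{hit['ts']:.3f} {hit['src']} -> {hit['dst']}:{hit['dport']} [{hit['match']}]")
    # Any file on disk can be checked the same way: matches_known_sample(Path(p).read_bytes())
    print("constructed bytes match report hashes:", matches_known_sample(b"constructed"))
```

Run against real Zeek output, feed the relevant columns of conn.log through parse_conn_log and point matches_known_sample at the bytes of any suspicious executable; a non-empty list from the latter means the file is byte-identical to the analysed sample, while a repacked build of the same stealer will only show up through the network indicator.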
Targets
Target: 63a34871b484152dce8b02ce232207e288049a55ff148d0eee8d7571842d40ab
Size: 416KB
MD5: 440c6427f359554d5152d93dbb272cc2
SHA1: 1be9b53d33272b3730bf564d1f2b39119cfb7c78
SHA256: 63a34871b484152dce8b02ce232207e288049a55ff148d0eee8d7571842d40ab
SHA512: 23e14a24c21a89c0222ab2b6a8ae77be7ff788abfa1b1ed3377723ec49d8b0969e84f26142abe564f2eb20ae6986b70f0ba885af394762bae2e383301fd3c2f8
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext (a call commonly seen when a loader writes its payload into a suspended process and redirects that process's thread to it)