General
Target: ec9982a34d254f2d78122c3409e2bed7295abbe83c736e746f5037f1bbdf9c6c
Size: 517KB
Sample: 210930-t36czaaccr
MD5: 938702a6263e5cb70e29162cd8d3da88
SHA1: 48010fec2862ebe56ae93dbf18433515f5aab780
SHA256: ec9982a34d254f2d78122c3409e2bed7295abbe83c736e746f5037f1bbdf9c6c
SHA512: fa3707244dc98b127f3c4d6d5266ad976b3fdd85a5ada45f7b5f07c71f5c18d27058bd40d54a56caa9084b41669c2a9ce907cbc01eeb3af7c78f31841ca33a1d
Static task: static1
Behavioral task: behavioral1
Sample: ec9982a34d254f2d78122c3409e2bed7295abbe83c736e746f5037f1bbdf9c6c.exe
Resource: win10-en-20210920
Malware Config
Extracted: redline, @big_tastyyy
C2 (host:port): 87.251.71.44:80
Targets
Target: ec9982a34d254f2d78122c3409e2bed7295abbe83c736e746f5037f1bbdf9c6c
Size: 517KB
MD5: 938702a6263e5cb70e29162cd8d3da88
SHA1: 48010fec2862ebe56ae93dbf18433515f5aab780
SHA256: ec9982a34d254f2d78122c3409e2bed7295abbe83c736e746f5037f1bbdf9c6c
SHA512: fa3707244dc98b127f3c4d6d5266ad976b3fdd85a5ada45f7b5f07c71f5c18d27058bd40d54a56caa9084b41669c2a9ce907cbc01eeb3af7c78f31841ca33a1d
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext
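The report above gives three things a responder can act on: the sample's digests, the extracted C2 host and port, and the cross-process SetThreadContext behaviour behind the last signature. The following is an added example (not part of the sandbox report or of any analysis tooling) that turns those into local checks. The digests, C2 address and signature name are copied from the report; the flow-record and API-trace line formats, the sample records, and every function name are constructed for illustration.

```python
"""Added example: checks built from the indicators in the RedLine report above.
Hashes, C2 host:port and the SetThreadContext signature come from the report;
the record formats and sample records below are constructed, not captured."""
import hashlib
import ipaddress
import re

# --- Indicators copied from the report -------------------------------------
REPORT_TARGET = "ec9982a34d254f2d78122c3409e2bed7295abbe83c736e746f5037f1bbdf9c6c"
REPORT_HASHES = {
    "md5": "938702a6263e5cb70e29162cd8d3da88",
    "sha1": "48010fec2862ebe56ae93dbf18433515f5aab780",
    "sha256": "ec9982a34d254f2d78122c3409e2bed7295abbe83c736e746f5037f1bbdf9c6c",
    "sha512": "fa3707244dc98b127f3c4d6d5266ad976b3fdd85a5ada45f7b5f07c71f5c18d2"
              "7058bd40d54a56caa9084b41669c2a9ce907cbc01eeb3af7c78f31841ca33a1d",
}
C2_HOST = "87.251.71.44"
C2_PORT = 80
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_report_hashes() -> bool:
    """Sanity-check the transcribed indicators before hunting with them:
    each digest must be lowercase hex of the right length, and the report's
    Target field should equal the SHA256 of the sample."""
    for name, digest in REPORT_HASHES.items():
        if not re.fullmatch(r"[0-9a-f]{%d}" % HEX_LEN[name], digest):
            return False
    return REPORT_TARGET == REPORT_HASHES["sha256"]


def digest_bytes(data: bytes) -> dict:
    """All four digests of a candidate file's contents."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def compare_to_report(data: bytes) -> dict:
    """Per-algorithm match against the report. All True means this is the
    reported sample; a split verdict (one algorithm matches, another does not)
    points at a transcription error or a deliberate collision and needs review."""
    got = digest_bytes(data)
    return {name: got[name] == REPORT_HASHES[name] for name in REPORT_HASHES}


# --- Network: find the extracted C2 in flow records -------------------------
# Constructed flow records in the form "src dst dport proto" (assumed format).
SAMPLE_FLOWS = """\
10.0.0.15 142.250.74.78 443 tcp
10.0.0.15 87.251.71.44 80 tcp
10.0.0.22 87.251.71.44 443 tcp
10.0.0.15 87.251.71.44 80 tcp
"""


def find_c2_flows(flow_text: str):
    """Return (src, dst, dport, port_matches_report) for every flow to the C2
    host. Matching on the host alone, and recording whether the port also
    matches, keeps a contact on a different port from being missed."""
    hits = []
    c2 = ipaddress.ip_address(C2_HOST)
    for line in flow_text.splitlines():
        src, dst, dport, _proto = line.split()
        if ipaddress.ip_address(dst) == c2:
            hits.append((src, dst, int(dport), int(dport) == C2_PORT))
    return hits


# --- Host: flag cross-process SetThreadContext in an API trace --------------
# Constructed trace lines in the form "caller_pid api target_pid" (assumed format).
SAMPLE_TRACE = """\
4120 CreateProcessW 5308
4120 WriteProcessMemory 5308
4120 SetThreadContext 5308
4120 ResumeThread 5308
5308 SetThreadContext 5308
"""


def suspicious_setthreadcontext(trace_text: str):
    """Return caller pids that set the thread context of a thread in another
    process. Rewriting another process's thread context is what redirects its
    execution in hollowing/hijacking style injection, which is the generic
    condition behind the report's 'Suspicious use of SetThreadContext'
    signature; same-process calls (debuggers, exception handling) are ignored."""
    flagged = set()
    for line in trace_text.splitlines():
        pid, api, target = line.split()
        if api == "SetThreadContext" and pid != target:
            flagged.add(int(pid))
    return sorted(flagged)


if __name__ == "__main__":
    print("report hashes consistent:", validate_report_hashes())
    print("C2 flows:", find_c2_flows(SAMPLE_FLOWS))
    print("cross-process SetThreadContext callers:", suspicious_setthreadcontext(SAMPLE_TRACE))
```

Run `compare_to_report(open(path, "rb").read())` against a file you suspect is this sample; any result other than four True values or four False values deserves a closer look rather than a verdict.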