General
Target: c0da5841ddfc29dc9eea7d8d9e42d981385602f21025ec47798d302c3ef50096
Size: 1.3MB
Sample: 211001-hvg5mabbbp
MD5: 1330be0f9459506cfd3d972082f3cb0e
SHA1: 116815a43e5d9c6ae9dc998e93948e274209711a
SHA256: c0da5841ddfc29dc9eea7d8d9e42d981385602f21025ec47798d302c3ef50096
SHA512: 0d865e09ca6ab65f617ad43d7badfbd80db79354e73178555ea2a37d9a51f40db94f7ff3c791b00da8ff84c91397a761d03b06ddac787f162b8edc23eabda1bc
Static task: static1
Behavioral task: behavioral1
Sample: c0da5841ddfc29dc9eea7d8d9e42d981385602f21025ec47798d302c3ef50096.exe
Resource: win10-en-20210920
Malware Config
Extracted: redline, new1, 185.180.220.105:11915
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext