General
Target: a4ea8ccb32a746e3315e35d366246545d6475dc48e8e43cf92da45bf5de0fe7f
Size: 349KB
Sample: 211014-gx3cxagcf9
MD5: ea5d06ebac99fcea217fecc743c259f5
SHA1: db9b688cf9941bcbd02364db15ebfa22797eb551
SHA256: a4ea8ccb32a746e3315e35d366246545d6475dc48e8e43cf92da45bf5de0fe7f
SHA512: 85a20dc5b983a53b3d8bf8d02b9f57b917e995772d4b9f570e3bc604e6a0442b1ef1485e9e4f910cc50ed26680d18b34db46e65a41181e3c8622da95164bdd5e
Static task: static1
Behavioral task: behavioral1
Sample: a4ea8ccb32a746e3315e35d366246545d6475dc48e8e43cf92da45bf5de0fe7f.exe
Resource: win10-en-20210920
Malware Config
Extracted: redline
@fullloger
164.132.202.45:20588
Targets
Score: 10/10
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext