General
- Target: f441a110f19b615e5c5fcf95ad57f96c418c2b5b3ad2565ff3863442457b422d
- Size: 5.9MB
- Sample: 211220-nmfjqabcap
- MD5: 2fe55f16da6348999312ef5ec21ae20d
- SHA1: 112bb1adce4ff9c427f61acbad6129794f8b213e
- SHA256: f441a110f19b615e5c5fcf95ad57f96c418c2b5b3ad2565ff3863442457b422d
- SHA512: 12747dd0fb27ace42c58f9412099d8fb33e73a24a1c1a86ebab96c22aef9f11a32320b8eca61fa9197ec8476a358ef674e067151d163b2a96f92085cf3d72724

Static task: static1

Behavioral task: behavioral1
- Sample: f441a110f19b615e5c5fcf95ad57f96c418c2b5b3ad2565ff3863442457b422d.exe
- Resource: win10-en-20211208

Malware Config
Extracted
- redline
- 444
- 31.131.254.105:1498

Targets
- Target: f441a110f19b615e5c5fcf95ad57f96c418c2b5b3ad2565ff3863442457b422d
- Size: 5.9MB
- MD5: 2fe55f16da6348999312ef5ec21ae20d
- SHA1: 112bb1adce4ff9c427f61acbad6129794f8b213e
- SHA256: f441a110f19b615e5c5fcf95ad57f96c418c2b5b3ad2565ff3863442457b422d
- SHA512: 12747dd0fb27ace42c58f9412099d8fb33e73a24a1c1a86ebab96c22aef9f11a32320b8eca61fa9197ec8476a358ef674e067151d163b2a96f92085cf3d72724

Score: 10/10
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext