General
Target: 2dffd7568c0b1749e9479fc50340522063996ab48af21f52964ff8e42f122ff4
Size: 1.8MB
Sample: 220422-p9gkzaggan
MD5: 9471b63e999c67e2526d979fe8799f47
SHA1: 539555532442501f2ab534c7cb6ad2b148c524b9
SHA256: 2dffd7568c0b1749e9479fc50340522063996ab48af21f52964ff8e42f122ff4
SHA512: e35289ace98529de36549aedd7d8d3011fba1543ffe808160b61e8bfddec920beffbbadec6d53d2d2464ae4953358e52791095672a45a866f7c7475dd5b02ec0

Static task: static1
Behavioral task: behavioral1
Sample: 2dffd7568c0b1749e9479fc50340522063996ab48af21f52964ff8e42f122ff4.exe
Resource: win10v2004-20220414-en

Malware Config
Extracted: redline
- @ansdvsvsvd
- 46.8.220.88:65531
- auth_value: d7b874c6650abbcb219b4f56f4676fee

Targets
Target: 2dffd7568c0b1749e9479fc50340522063996ab48af21f52964ff8e42f122ff4
Size: 1.8MB
MD5: 9471b63e999c67e2526d979fe8799f47
SHA1: 539555532442501f2ab534c7cb6ad2b148c524b9
SHA256: 2dffd7568c0b1749e9479fc50340522063996ab48af21f52964ff8e42f122ff4
SHA512: e35289ace98529de36549aedd7d8d3011fba1543ffe808160b61e8bfddec920beffbbadec6d53d2d2464ae4953358e52791095672a45a866f7c7475dd5b02ec0
Score: 10/10

- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext