General
-
Target
15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7
-
Size
1.8MB
-
Sample
220504-158dnsegc3
-
MD5
5d2367e76275aa61b153bbe5c34e73e6
-
SHA1
6e3893ebe0e612bdf7923f83f97d7301f152cfa7
-
SHA256
15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7
-
SHA512
c7b418d04c7b555af5bdbd66cdaea8d74a997b0a9e9dc662459ad6baf8b6ae3f1726c45c7b91b6f80c611c1d8f6e78b3e0c3d77f6a8325cc7e913862b16aa6f9
Static task
static1
Behavioral task
behavioral1
Sample
15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7.exe
Resource
win10-20220414-en
Malware Config
Extracted
redline
install
78.47.98.158:35823
-
auth_value
8eea77189c08cded7fd621fc5ec89caf
Targets
-
-
Target
15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7
-
Size
1.8MB
-
MD5
5d2367e76275aa61b153bbe5c34e73e6
-
SHA1
6e3893ebe0e612bdf7923f83f97d7301f152cfa7
-
SHA256
15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7
-
SHA512
c7b418d04c7b555af5bdbd66cdaea8d74a997b0a9e9dc662459ad6baf8b6ae3f1726c45c7b91b6f80c611c1d8f6e78b3e0c3d77f6a8325cc7e913862b16aa6f9
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-