General
Target: e5346cb75cfe1aced53ead50429496b4fb1c6c3ba521a976bde66085b20fd64e
Size: 1.2MB
Sample: 220514-eg1s2aeff7
MD5: b0b9470f03c04a398d11f9efdd6a8831
SHA1: 7d64f130d1a2edac3390f60246042628201d369f
SHA256: e5346cb75cfe1aced53ead50429496b4fb1c6c3ba521a976bde66085b20fd64e
SHA512: fa5f5f4eec914ec2ce6f6f3a642ae29921b9135d8baced6dbc06128d1d6579fefa10b2603a6219422a440249a4a7c465363abc13d28f729368e2d33ba99f4128
Static task: static1
Behavioral task: behavioral1
Sample: e5346cb75cfe1aced53ead50429496b4fb1c6c3ba521a976bde66085b20fd64e.exe
Resource: win10-20220414-en
Malware Config
Extracted: redline
Paladin
193.150.103.38:40169
auth_value: 27544084559b144244d7ad7299642a4c
Targets
Target: e5346cb75cfe1aced53ead50429496b4fb1c6c3ba521a976bde66085b20fd64e
Size: 1.2MB
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext