General
-
Target
f751501b33b4d7e35aa20d08f718e5a8ed1c0471b4da1bdd2562a3536d83d58e
-
Size
1.2MB
-
Sample
220516-j14q9aacgk
-
MD5
cb8cd07d32498986d817939e06ac4abb
-
SHA1
1de2ea093784a9b7ff6d1fa6d6877fdae990bd42
-
SHA256
f751501b33b4d7e35aa20d08f718e5a8ed1c0471b4da1bdd2562a3536d83d58e
-
SHA512
4c37cbd33af706f265415a309f9b32a46836430597be5a929423b4eaffc498a25c853ab7806a39f2e641ac9e95d75f8306bf48c37958b6e9291db8d80ae0ad59
Static task
static1
Behavioral task
behavioral1
Sample
f751501b33b4d7e35aa20d08f718e5a8ed1c0471b4da1bdd2562a3536d83d58e.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
f751501b33b4d7e35aa20d08f718e5a8ed1c0471b4da1bdd2562a3536d83d58e.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
Install
176.10.119.117:27038
-
auth_value
701b6467f584b2d5c52fa31ecce6761d
Targets
-
-
Target
f751501b33b4d7e35aa20d08f718e5a8ed1c0471b4da1bdd2562a3536d83d58e
-
Size
1.2MB
-
MD5
cb8cd07d32498986d817939e06ac4abb
-
SHA1
1de2ea093784a9b7ff6d1fa6d6877fdae990bd42
-
SHA256
f751501b33b4d7e35aa20d08f718e5a8ed1c0471b4da1bdd2562a3536d83d58e
-
SHA512
4c37cbd33af706f265415a309f9b32a46836430597be5a929423b4eaffc498a25c853ab7806a39f2e641ac9e95d75f8306bf48c37958b6e9291db8d80ae0ad59
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-