General
Target: Adobe Photoshop 2022 v23.2.2.325.zip
Size: 64.7MB
Sample: 220530-txjxsabfd9
MD5: 8ee4f66531692d1f079f0ca2a7135406
SHA1: 9a554c46ce9b0a64dbb2682fe277d10773e12ddf
SHA256: 04f31ac7f42862112d47923303bca261d074678084e7f84f875d4cbfdabdfc24
SHA512: 2460bc6f7dd9bafe89bbd0a2a034fdd7868f4034254d8df63d05a98c19b409fd05d7d3e2de0e2518c5d4563b2050dfa7e9b9932061b6be9943d58fb971863f8f

Behavioral task: behavioral1
Sample: Setup.exe
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: Setup.exe
Resource: win10v2004-20220414-en

Malware Config
Extracted: redline
C2: 194.93.2.28:46378
auth_value: 97e69692d8403a5aff22422dec2740bd

Targets
Target: Setup.exe
Size: 2.2MB
MD5: 775e498a631f09987d0e1945c47a01aa
SHA1: df5de4d57d5ce1ac849940e1c4906ffbc36efb6d
SHA256: f2fbdc1e852712d8b0a1f6c7090d9fc81694c9604cff9b48900f596431d47158
SHA512: ccef0c27f1a7c2cfbe791628f841374ce232069fcae97ded44211df91ace6505dc63ba8381bcfcccda586dd611283b35115fcce707780ec31ec5111a9b592885
Score: 10/10

Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext