General
Target: 3738f6835c8a9c4b848d32d2e717c3283b6f60281e33389f339946b4d54fd812
Size: 290KB
Sample: 220606-2rls7ahbdq
MD5: a84fc82f61c7ddb8295971ec03e633ec
SHA1: 5e95aa00646b9a469fc41075d5db9b42265a9df8
SHA256: 3738f6835c8a9c4b848d32d2e717c3283b6f60281e33389f339946b4d54fd812
SHA512: 2a7f7fd754496cb8c6b1d19073ee51cd189ac319589da831cb8ecb60d1eba8883caaf81433a1b629dcdc919d8abdf2af95922889e14d43625c3802198becdc63
Static task: static1
Behavioral task: behavioral1
Sample: 3738f6835c8a9c4b848d32d2e717c3283b6f60281e33389f339946b4d54fd812.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Family: redline
Botnet: 9-5
C2: 139.99.32.83:43199
auth_value: 637de2b47f42d9cc7912f71cb6b57b5b
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext