General
Target: 551b8b4e78b7fdba1b42a063e6cb6053eeb76090d1ba500c478df3049be68674
Size: 2.3MB
Sample: 220606-yqcbksffcj
MD5: 6e746aad1fc5ecf25845bc0547b60c4f
SHA1: f4758c14f1cba3d257f064fa5a79d32e366ddad0
SHA256: 551b8b4e78b7fdba1b42a063e6cb6053eeb76090d1ba500c478df3049be68674
SHA512: 3559dc04c4cde2f5bd20385a5944756f7997d7a486298b1051ff01447e4198a22ec3c1ad3839334de9962ade7179228bf9d17e1caf8ad7f4de2133737f74db37
Static task: static1
Behavioral task: behavioral1
Sample: 551b8b4e78b7fdba1b42a063e6cb6053eeb76090d1ba500c478df3049be68674.exe
Resource: win10v2004-20220414-en

Malware Config
Extracted
Family: redline
1
C2: 168.119.50.2:44795
auth_value: 24b5bd5b441536b793bf4e2a4d143416
Targets
Target: 551b8b4e78b7fdba1b42a063e6cb6053eeb76090d1ba500c478df3049be68674
Score: 10/10

Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext