General

Target: a8ed64c2ba2355ae29d0f0d8fff78a40b8488fd60351839c6ce2347e355a74c3
Size: 290KB
Sample: 220607-jd756acba2
MD5: 98422ed16c0986e96b8628b55e1e86a6
SHA1: c5888f1c5474e77f625903d7247239e5fc362a18
SHA256: a8ed64c2ba2355ae29d0f0d8fff78a40b8488fd60351839c6ce2347e355a74c3
SHA512: fadf6f67fa71ad7df3d989b59b6bcd092b0e4e2ae6749b8641caf7a3d7b41796c141490fdfa534f9dfaf5a6727d31b9d66dbbe7a75f4e0dc1b734371061df2b8
Static task: static1
Behavioral task: behavioral1
Sample: a8ed64c2ba2355ae29d0f0d8fff78a40b8488fd60351839c6ce2347e355a74c3.exe
Resource: win10v2004-20220414-en
Malware Config

Extracted
Family: redline
Botnet: 9-5
C2: 139.99.32.83:43199
Attributes:
auth_value: 637de2b47f42d9cc7912f71cb6b57b5b
Targets

Target: a8ed64c2ba2355ae29d0f0d8fff78a40b8488fd60351839c6ce2347e355a74c3 (size and MD5/SHA1/SHA256/SHA512 identical to the General section above)
Score: 10/10 (RedLine)

RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext

A SetThreadContext call on a thread belonging to another process is the usual marker of process hollowing (a child is created suspended, its memory is overwritten, and its entry point is redirected before ResumeThread). On its own it is a heuristic rather than a payload match, which is why the report labels it "Suspicious" rather than as a family detection.
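The following is an added example, not code from the sandbox or from this report: a small detector that turns the "Suspicious use of SetThreadContext" signature into the full process-hollowing chain (CreateProcess with CREATE_SUSPENDED, WriteProcessMemory into the child, SetThreadContext on the child's thread, ResumeThread). The trace format, the `key=value` field names and every line of `SAMPLE_TRACE` are constructed for the demo and do not come from this sample's behavioral log; a self-targeted SetThreadContext and a foreign-process SetThreadContext without the prelude are included to show how the heuristic is graded.

```python
"""Spot the remote-SetThreadContext (process hollowing) pattern in an API trace.

Added example for this report page; it is not sandbox code. The trace format
below ("key=value" pairs per call) is invented for the demo and every line of
SAMPLE_TRACE is constructed, not captured from the sample.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit in CreateProcess

# Constructed trace. pid 1200 creates a suspended child, overwrites its memory,
# redirects the child's main thread with SetThreadContext and resumes it.
# pid 3100 calls SetThreadContext on its own thread and must not be flagged.
# pid 4000 calls SetThreadContext on a foreign process with no observed
# suspended-create or WriteProcessMemory: suspicious, but not the full chain.
SAMPLE_TRACE = """\
pid=1200 tid=1204 api=CreateProcessW image=C:\\Windows\\SysWOW64\\notepad.exe flags=0x4 child_pid=2332 child_tid=2336
pid=1200 tid=1204 api=VirtualAllocEx target_pid=2332 size=0x48000 protect=0x40
pid=1200 tid=1204 api=WriteProcessMemory target_pid=2332 size=0x48000
pid=1200 tid=1204 api=SetThreadContext target_pid=2332 target_tid=2336
pid=1200 tid=1204 api=ResumeThread target_pid=2332 target_tid=2336
pid=3100 tid=3104 api=SetThreadContext target_pid=3100 target_tid=3104
pid=4000 tid=4004 api=SetThreadContext target_pid=512 target_tid=516
"""

KV = re.compile(r"(\w+)=(\S+)")


def parse_trace(text: str) -> List[Dict[str, str]]:
    """One dict per call line; lines without key=value pairs are skipped."""
    return [dict(KV.findall(line)) for line in text.splitlines() if KV.search(line)]


@dataclass
class Child:
    creator_pid: int
    image: str
    suspended: bool
    written: bool = False


@dataclass
class Finding:
    severity: str
    source_pid: int
    target_pid: int
    image: Optional[str]
    reason: str
    resumed: bool = False


def find_hollowing(events: List[Dict[str, str]]) -> List[Finding]:
    """Grade every remote SetThreadContext by how much of the hollowing chain precedes it."""
    children: Dict[int, Child] = {}
    findings: List[Finding] = []
    for ev in events:
        api, pid = ev.get("api"), int(ev["pid"])
        if api == "CreateProcessW":
            flags = int(ev.get("flags", "0"), 16)
            children[int(ev["child_pid"])] = Child(
                pid, ev.get("image", "?"), bool(flags & CREATE_SUSPENDED))
            continue
        if "target_pid" not in ev:
            continue
        target = int(ev["target_pid"])
        if target == pid:
            continue  # a process touching its own threads is not injection
        child = children.get(target)
        if api == "WriteProcessMemory" and child is not None:
            child.written = True
        elif api == "SetThreadContext":
            if child is not None and child.suspended and child.written:
                findings.append(Finding("high", pid, target, child.image,
                    "suspended child written to, then thread context replaced"))
            else:
                findings.append(Finding("medium", pid, target,
                    child.image if child else None,
                    "SetThreadContext on a foreign process without the "
                    "suspended-create + WriteProcessMemory prelude"))
        elif api == "ResumeThread":
            for f in findings:
                if f.target_pid == target and f.source_pid == pid:
                    f.resumed = True  # the hijacked entry point now runs
    return findings


def scan(text: str = SAMPLE_TRACE) -> List[Finding]:
    return find_hollowing(parse_trace(text))


if __name__ == "__main__":
    for f in scan():
        print(f"[{f.severity}] pid {f.source_pid} -> pid {f.target_pid} "
              f"({f.image}): {f.reason}; resumed={f.resumed}")
```

The "medium" grade is the point of the caveat: a remote SetThreadContext without the suspended-create and WriteProcessMemory prelude is worth a look (debuggers and some injectors do it), but only the complete chain ending in ResumeThread is the hollowing pattern that deserves the high score.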