General
Target: cbbc153c014eefbe14f50fae5b19471a6c25365d41e0a27ad0514045dee0df3b
Size: 290KB
Sample: 220607-s7aleseghj
MD5: 62156df841fa668c986f4ece5993e958
SHA1: 400f68805c2db259d648ee381ede61ff5e9a4a73
SHA256: cbbc153c014eefbe14f50fae5b19471a6c25365d41e0a27ad0514045dee0df3b
SHA512: 0e198d5a0008f04d706a7dc2afb1b6528a6d756d7ea2eefc48948d912a096b66089320f75d69b27006c708aab884def124a8318c2ac02cff262a3adccaa90f0b
Static task: static1
Behavioral task: behavioral1
Sample: cbbc153c014eefbe14f50fae5b19471a6c25365d41e0a27ad0514045dee0df3b.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted: redline
9-5
139.99.32.83:43199
auth_value: 637de2b47f42d9cc7912f71cb6b57b5b
Targets
Target: cbbc153c014eefbe14f50fae5b19471a6c25365d41e0a27ad0514045dee0df3b (290KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext