General

- Target: 78ac30db2617db407a39162d8bf963705cbffa575648b65ddeb26ff9431243e0
- Size: 290KB
- Sample: 220607-syr44seddr
- MD5: a268805ffcc0978922cbb3d250e16525
- SHA1: d16ac00d687f608e76cde95f87473c91b58679e0
- SHA256: 78ac30db2617db407a39162d8bf963705cbffa575648b65ddeb26ff9431243e0
- SHA512: 1163e1b1d69877cc6b43412269fdada33fd36dd94e461c2dc61f1a9046bd78c7da3d3b89964cc2332f47054256696bc295fcce9c67c4de1b41906d5555e4f75e
Static task: static1
Behavioral task: behavioral1

- Sample: 78ac30db2617db407a39162d8bf963705cbffa575648b65ddeb26ff9431243e0.exe
- Resource: win10v2004-20220414-en
Malware Config

Extracted: redline
- 9-5
- 139.99.32.83:43199
- auth_value: 637de2b47f42d9cc7912f71cb6b57b5b
Targets
- Score: 10/10
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext