General
Target: 0579ade8ac1a5122c157028bf358f34133aa8834a19ed53c4868091cec2f69a8
Size: 715KB
Sample: 220613-f2shtsaah8
MD5: 304840bd697d9d733ab117ab7d295fa1
SHA1: ccfe0c8bcaf4b6ea67ec418de03cdc8a9a777054
SHA256: 0579ade8ac1a5122c157028bf358f34133aa8834a19ed53c4868091cec2f69a8
SHA512: 0cd2bc279be46b4b638b98e002c095fea665f6286995a0645336546260a39737fb49ac219baadd6d6efce93ddf5a9e2e24c74b296437359863bed2ecb3e6414c
Static task: static1
Behavioral task: behavioral1
Sample: 0579ade8ac1a5122c157028bf358f34133aa8834a19ed53c4868091cec2f69a8.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Family: redline
Botnet: 76
C2: 139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c
The C2 address, botnet ID and auth_value are per-build values the stealer carries in its configuration; they are the fields to pivot on when hunting for related samples and for network connections from other hosts.
Targets
Target: 0579ade8ac1a5122c157028bf358f34133aa8834a19ed53c4868091cec2f69a8
Size: 715KB
MD5, SHA1, SHA256, SHA512: identical to the General section above (same file)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020. It is sold as a commodity stealer, harvests browser-saved credentials, cookies and cryptocurrency wallet files from the infected host, and sends them to the C2 address carried in its configuration.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext (the call a loader uses to point a suspended process at injected code, so treat the whole process tree on the host as compromised, not only this executable)
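The report above gives two kinds of indicator: the sample hashes and the extracted RedLine C2 endpoint. The following Python is an added example (not code from the sandbox, the report, or RedLine itself) showing how to turn both into an offline matcher that sweeps a file-hash inventory and Zeek-style connection records. The hash and C2 values are copied from the report; the inventory rows, the conn-log lines, and the `Hit` record type are constructed for this example and are not real telemetry.

```python
"""IOC matcher built from the sandbox report above.

Added example for this page, not code from the sandbox or from RedLine.
The hashes and C2 are copied from the report; the file inventory and
conn-log lines below are constructed for the example, not real telemetry.
"""
from dataclasses import dataclass

# Indicators copied from the report (sample hashes, extracted RedLine C2).
SAMPLE_HASHES = {
    "md5": "304840bd697d9d733ab117ab7d295fa1",
    "sha1": "ccfe0c8bcaf4b6ea67ec418de03cdc8a9a777054",
    "sha256": "0579ade8ac1a5122c157028bf358f34133aa8834a19ed53c4868091cec2f69a8",
}
C2_HOST = "139.99.32.83"
C2_PORT = 43199


@dataclass(frozen=True)
class Hit:
    source: str      # path or timestamp of the matching record
    confidence: str  # "high" or "medium"
    reason: str


def match_file_inventory(rows):
    """rows: iterable of (path, algorithm, hexdigest), e.g. an EDR hash export.

    Comparison is case-insensitive because tools disagree on digest casing.
    """
    hits = []
    for path, algo, digest in rows:
        known = SAMPLE_HASHES.get(algo.lower())
        if known is not None and known == digest.strip().lower():
            hits.append(Hit(path, "high", f"{algo.lower()} equals the sandbox sample"))
    return hits


def match_conn_log(lines):
    """lines: Zeek conn.log-style TSV with fields ts, orig_h, orig_p, resp_h, resp_p, proto.

    Destination IP and port together are a high-confidence match. The same IP on
    another port is reported at medium confidence: the port is a per-build
    configuration value, so a rebuilt sample can talk to the same host on a
    different port, and a host-only match still catches it at the cost of review.
    """
    hits = []
    for line in lines:
        if not line or line.startswith("#"):
            continue  # Zeek header lines (#fields, #types, ...)
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 6:
            continue  # malformed record; skip rather than abort the sweep
        ts, _orig_h, _orig_p, resp_h, resp_p, _proto = fields[:6]
        if resp_h != C2_HOST:
            continue
        try:
            port = int(resp_p)
        except ValueError:
            continue
        if port == C2_PORT:
            hits.append(Hit(ts, "high", f"connection to RedLine C2 {C2_HOST}:{C2_PORT}"))
        else:
            hits.append(Hit(ts, "medium", f"connection to C2 host {C2_HOST} on port {port}"))
    return hits


# Constructed inputs (not real telemetry) to exercise both matchers.
CONSTRUCTED_INVENTORY = [
    (r"C:\Users\alice\Downloads\setup.exe", "SHA256",
     "0579ADE8AC1A5122C157028BF358F34133AA8834A19ED53C4868091CEC2F69A8"),
    (r"C:\Windows\System32\notepad.exe", "sha256", "00" * 32),
    (r"C:\Users\bob\AppData\Local\Temp\x.tmp", "md5", "304840bd697d9d733ab117ab7d295fa1"),
]
CONSTRUCTED_CONN_LOG = [
    "#fields\tts\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1655102401.100\t10.0.0.12\t49811\t139.99.32.83\t43199\ttcp",
    "1655102402.200\t10.0.0.12\t49812\t8.8.8.8\t53\tudp",
    "1655102403.300\t10.0.0.20\t49900\t139.99.32.83\t443\ttcp",
]


def sweep():
    """Run both matchers over the constructed inputs and return the hits."""
    return match_file_inventory(CONSTRUCTED_INVENTORY), match_conn_log(CONSTRUCTED_CONN_LOG)


if __name__ == "__main__":
    for hit in sum(sweep(), []):
        print(f"[{hit.confidence}] {hit.source}: {hit.reason}")
```

Feed real exports in place of the constructed lists: a hash inventory as (path, algorithm, digest) tuples and conn records as raw Zeek TSV lines. Hash hits identify the dropped file; the medium-confidence network hits are worth keeping because the C2 port is part of the build configuration, not of the infrastructure.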