General
Target: 58af78b464503e903769374ec830f15b581625f296f474ab60db75a44ddd5ee0
Size: 715KB
Sample: 220613-f776gaeabm
MD5: 1a8ad783d2485e78cd1142ee0fc1a89e
SHA1: 8882e258d990713ed60f92153aba6b1775f8da46
SHA256: 58af78b464503e903769374ec830f15b581625f296f474ab60db75a44ddd5ee0
SHA512: b5f664d51e45f9edcf571803a63d6423ba1117853155d16566c3db951c62b96129fccc4f6617fd2bdad8a15d9484a83c7d47f924d3677273e0497526dc5e8777

Static task: static1
Behavioral task: behavioral1
Sample: 58af78b464503e903769374ec830f15b581625f296f474ab60db75a44ddd5ee0.exe
Resource: win10-20220414-en

Malware Config
Extracted
redline
76
139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c

Targets
Target: 58af78b464503e903769374ec830f15b581625f296f474ab60db75a44ddd5ee0
Size: 715KB
MD5: 1a8ad783d2485e78cd1142ee0fc1a89e
SHA1: 8882e258d990713ed60f92153aba6b1775f8da46
SHA256: 58af78b464503e903769374ec830f15b581625f296f474ab60db75a44ddd5ee0
SHA512: b5f664d51e45f9edcf571803a63d6423ba1117853155d16566c3db951c62b96129fccc4f6617fd2bdad8a15d9484a83c7d47f924d3677273e0497526dc5e8777
Score: 10/10

- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext