General
-
Target
8fac06e1ec79e09b27dc014e28d5782de936ad0fb598d2982c77355f26979e46
-
Size
715KB
-
Sample
220613-fe95cshhg2
-
MD5
d7d955c598e1b803263a6ed4c8793ea6
-
SHA1
01f2fc8f6c56a28366156c747dc3d4d2d4ec2c0b
-
SHA256
8fac06e1ec79e09b27dc014e28d5782de936ad0fb598d2982c77355f26979e46
-
SHA512
7b63461a65913211b41ce360df34289c26192f7ea46e01d3adf3f3adcf0ec42f0c78e8b974656fa79d6f254ed07d1f309dfe6b1e21c7549052018508fbad2bd2
Static task
static1
Behavioral task
behavioral1
Sample
8fac06e1ec79e09b27dc014e28d5782de936ad0fb598d2982c77355f26979e46.exe
Resource
win10-20220414-en
Malware Config
Extracted
redline
76
139.99.32.83:43199
-
auth_value
44d461325298129ed3c705440f57962c
Targets
-
-
Target
8fac06e1ec79e09b27dc014e28d5782de936ad0fb598d2982c77355f26979e46
-
Size
715KB
-
MD5
d7d955c598e1b803263a6ed4c8793ea6
-
SHA1
01f2fc8f6c56a28366156c747dc3d4d2d4ec2c0b
-
SHA256
8fac06e1ec79e09b27dc014e28d5782de936ad0fb598d2982c77355f26979e46
-
SHA512
7b63461a65913211b41ce360df34289c26192f7ea46e01d3adf3f3adcf0ec42f0c78e8b974656fa79d6f254ed07d1f309dfe6b1e21c7549052018508fbad2bd2
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-