General
-
Target
56a5c8d85496e9feff7ed147049a18b51c860e39c4bd95fb30588dfaf81fd9de
-
Size
715KB
-
Sample
220613-g6tgcsacf6
-
MD5
6f7b9c25ab36a139cef90f56d157a95d
-
SHA1
7138238e4c38b1caea464588ac440a7196ea654d
-
SHA256
56a5c8d85496e9feff7ed147049a18b51c860e39c4bd95fb30588dfaf81fd9de
-
SHA512
1fa56fbceb043d5077f99f6b9c3b63dae909f563afdc350e95827ee71461234faca2151455c2ddf08821a6f46cc550a3fa6d76e0bb2f0c50f3898d2e9a09c3f3
Static task
static1
Behavioral task
behavioral1
Sample
56a5c8d85496e9feff7ed147049a18b51c860e39c4bd95fb30588dfaf81fd9de.exe
Resource
win10-20220414-en
Malware Config
Extracted
redline
76
139.99.32.83:43199
-
auth_value
44d461325298129ed3c705440f57962c
Targets
-
Target
56a5c8d85496e9feff7ed147049a18b51c860e39c4bd95fb30588dfaf81fd9de
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-