General
Target: dab6ea66c52fd55d8e3b318d4219cf03e47df5faba136e2ed8993c326ac357d9
Size: 715KB
Sample: 220613-gnbhtseahk
MD5: 890dd056ace6504cdd18cbc86edae98a
SHA1: c54ecf097d72cd22a64049dbaef732a7fa4944a2
SHA256: dab6ea66c52fd55d8e3b318d4219cf03e47df5faba136e2ed8993c326ac357d9
SHA512: ab0156127d28e6f4a8b9da596b3591acf0df1c66652fce9abf87c7f0776c1b0bb8aa7ddbfc9ae5447f71b2742340f1963f20b7959a27a8aaade22312565ed587
Static task: static1
Behavioral task: behavioral1
Sample: dab6ea66c52fd55d8e3b318d4219cf03e47df5faba136e2ed8993c326ac357d9.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted: redline
76
139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c
Targets
Target: dab6ea66c52fd55d8e3b318d4219cf03e47df5faba136e2ed8993c326ac357d9
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext