General
  Target: f07262b7b616f4285c7e4f39a778a4d28b3d07b936fc5749f0c2ab00b26b9a76
  Size: 715KB
  Sample: 220613-h441raeeal
  MD5: 424e0e716ebb8e20e9d2597083bb3b83
  SHA1: a2afd9b3d3f64c2c817e41d6d5a7731be5fe227c
  SHA256: f07262b7b616f4285c7e4f39a778a4d28b3d07b936fc5749f0c2ab00b26b9a76
  SHA512: 2919c0469cecb042bcdb86e2c22deb025fb95befb8c2aeeefb2a103b64a455393fd00b9dc38130fc9c91cd3716a6a1a6e4bb148222e459e11ddba26aa37e34dd
Static task: static1
Behavioral task: behavioral1
  Sample: f07262b7b616f4285c7e4f39a778a4d28b3d07b936fc5749f0c2ab00b26b9a76.exe
  Resource: win10v2004-20220414-en
Malware Config
  Extracted: redline
  76
  C2: 139.99.32.83:43199
  auth_value: 44d461325298129ed3c705440f57962c
Targets
  Target: f07262b7b616f4285c7e4f39a778a4d28b3d07b936fc5749f0c2ab00b26b9a76 (same sample as listed under General: 715KB, MD5 424e0e716ebb8e20e9d2597083bb3b83, SHA1 a2afd9b3d3f64c2c817e41d6d5a7731be5fe227c)
  Score: 10/10
  Signatures:
    RedLine
      RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    RedLine Payload
    Accesses cryptocurrency files/wallets, possible credential harvesting
    Suspicious use of SetThreadContext