General
Target: 37e057a9cf268da296c33ea6e935d1008b018cc51752143618577b3b9a2a26ee
Size: 715KB
Sample: 220613-hbw5faadc6
MD5: b375ee623bea4699cb7b5018a78c91d9
SHA1: ecc84cee43aa4daa7b5a474e59182f3fe02cc633
SHA256: 37e057a9cf268da296c33ea6e935d1008b018cc51752143618577b3b9a2a26ee
SHA512: 79e36ba2774cd56ebce9e3e9e6f7ff759d90df1117adb2bcb5831471c9eedd6b949ef2f30bb91c2e7dc4ac23a30caf6955faa81adba8000921cbddcc1ad86417
Static task: static1
Behavioral task: behavioral1
Sample: 37e057a9cf268da296c33ea6e935d1008b018cc51752143618577b3b9a2a26ee.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted: redline
76
139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext