General
Target: e299ef4de4e150d4fcf0a8913c442d119f936fca6bb2c1e0ec26865d8e7e0d65
Size: 715KB
Sample: 220613-hlan7aadh2
MD5: fe84918698d2cbc0ca8a66c560bd220f
SHA1: 2ad77f4ee9b50ac7cb6757b35da31de91e373ced
SHA256: e299ef4de4e150d4fcf0a8913c442d119f936fca6bb2c1e0ec26865d8e7e0d65
SHA512: c06b096fd1352d852da98710072e596b214bf25cf95632d24a35328a791deadbeb2790cfa96a35e78711a71430973bdf12cb0afde1e0dd033fb864023b1997a6

Static task: static1
Behavioral task: behavioral1
Sample: e299ef4de4e150d4fcf0a8913c442d119f936fca6bb2c1e0ec26865d8e7e0d65.exe
Resource: win10-20220414-en

Malware Config
Extracted
Family: redline
Botnet: 76
C2: 139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c

Targets
Target: e299ef4de4e150d4fcf0a8913c442d119f936fca6bb2c1e0ec26865d8e7e0d65
Size: 715KB
MD5: fe84918698d2cbc0ca8a66c560bd220f
SHA1: 2ad77f4ee9b50ac7cb6757b35da31de91e373ced
SHA256: e299ef4de4e150d4fcf0a8913c442d119f936fca6bb2c1e0ec26865d8e7e0d65
SHA512: c06b096fd1352d852da98710072e596b214bf25cf95632d24a35328a791deadbeb2790cfa96a35e78711a71430973bdf12cb0afde1e0dd033fb864023b1997a6
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext