General

Target: ba4da2816e56d546b1465070df277f37cdd180f73607530186ed8b97e384ed65
Size: 715KB
Sample: 220613-j5fj8aegdp
MD5: 7d0fb6081c5a86d66a175fa1bf8ebfbf
SHA1: be0cf078c89035a54ba7fc75fe02331658758305
SHA256: ba4da2816e56d546b1465070df277f37cdd180f73607530186ed8b97e384ed65
SHA512: 593c83ba57a77b81a045b17a60251cfae200ba76a34eee194cd082b13133d2f6ecd5967b32fd6426cc0afbc5a2b0ad59f7b54f681e3cf8c5e9037a9dcfd1a73e

Static task: static1
Behavioral task: behavioral1
Sample: ba4da2816e56d546b1465070df277f37cdd180f73607530186ed8b97e384ed65.exe
Resource: win10-20220414-en

Malware Config

Extracted family: redline
Botnet: 76
C2: 139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c

Targets

Target: ba4da2816e56d546b1465070df277f37cdd180f73607530186ed8b97e384ed65
Size: 715KB
MD5: 7d0fb6081c5a86d66a175fa1bf8ebfbf
SHA1: be0cf078c89035a54ba7fc75fe02331658758305
SHA256: ba4da2816e56d546b1465070df277f37cdd180f73607530186ed8b97e384ed65
SHA512: 593c83ba57a77b81a045b17a60251cfae200ba76a34eee194cd082b13133d2f6ecd5967b32fd6426cc0afbc5a2b0ad59f7b54f681e3cf8c5e9037a9dcfd1a73e
Score: 10/10

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Suspicious use of SetThreadContext