General
Target
7f7a2d15e339a696bcc070c361823f04f163059f9b261ad211e9d7aee5802d57
Size
715KB
Sample
220613-jnvmtaage4
MD5
a97f4950c1a9e33c1a91c49cc28504b5
SHA1
5143a6a55d755f62491386b3af5e3f2e782f15a5
SHA256
7f7a2d15e339a696bcc070c361823f04f163059f9b261ad211e9d7aee5802d57
SHA512
e47e1ec9c2f103b25a5d3d5b652d74cbe56176911aab025b99c5e58c229689cc1acc266d3b9b0c20f0982a2815d650e946ec3ecc415c6621208be15573938d35
Static task
static1
Behavioral task
behavioral1
Sample
7f7a2d15e339a696bcc070c361823f04f163059f9b261ad211e9d7aee5802d57.exe
Resource
win10-20220414-en
Malware Config
Extracted
redline
76
139.99.32.83:43199
auth_value
44d461325298129ed3c705440f57962c
Targets
Target
7f7a2d15e339a696bcc070c361823f04f163059f9b261ad211e9d7aee5802d57
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext