General
Target: 6d365fb843e6951544c8882513f838eed3625dba77722863c864e62fc9646fe7
Size: 715KB
Sample: 220613-k8antafbhq
MD5: 30b37f22e8096b74d92dde05607f6927
SHA1: d60df3b83fafadbc674fe92c9d4fc6882c39ea21
SHA256: 6d365fb843e6951544c8882513f838eed3625dba77722863c864e62fc9646fe7
SHA512: 84b56845735bd480f5f80213310bcf362ca142e34a67b0d232d885280f741cc9d04822d562579e8334c7e80a0abbd889886424cf281980b220b39d881a0c1f15
Static task: static1
Behavioral task: behavioral1
Sample: 6d365fb843e6951544c8882513f838eed3625dba77722863c864e62fc9646fe7.exe
Resource: win10-20220414-en
Malware Config
Extracted
redline
76
139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c
Targets
Target: 6d365fb843e6951544c8882513f838eed3625dba77722863c864e62fc9646fe7
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext