General
Target: 78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913
Size: 745KB
Sample: 220613-k8zb6sfcal
MD5: 4e42432eb9f22bbb32ffb678d83d28e8
SHA1: b82054919c96ecec758471d6b2de6078561c52bb
SHA256: 78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913
SHA512: 4a70fedcf8ddbaf5b54f16d55e4e284a8883a1a15c55a604efc1100c5d709a3a340253e2e8161fae7b24e62fdb16cb7e4c80aac0922b12ced6cd49aff98addf1
Static task: static1
Behavioral task: behavioral1
Sample: 78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913.exe
Resource: win10-20220414-en
Malware Config
Extracted family: redline
Botnet ID: 76
C2: 139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c
Targets
Target: 78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913
Size: 745KB
MD5: 4e42432eb9f22bbb32ffb678d83d28e8
SHA1: b82054919c96ecec758471d6b2de6078561c52bb
SHA256: 78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913
SHA512: 4a70fedcf8ddbaf5b54f16d55e4e284a8883a1a15c55a604efc1100c5d709a3a340253e2e8161fae7b24e62fdb16cb7e4c80aac0922b12ced6cd49aff98addf1
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext (redirecting a thread's execution context is a common step in process hollowing and other injection techniques)
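The hashes and the extracted C2 above are the indicators a responder would pull from this report. The following is an added example, not part of the report or of any sandbox's tooling: it copies those indicator values, checks a local file's digests against them, and runs the C2 match over a few constructed Sysmon-style network events. The log lines and their key=value field layout are constructed for illustration and are assumptions, not data from the page.

```python
"""
Hunting helper built from the indicators in this report (added example, not
part of the report). Hash and C2 strings are copied from the report; the log
lines and their Sysmon-like key=value layout are constructed for illustration.
"""
import hashlib
import re

# Indicators copied from the report
IOC_HASHES = {
    "md5": "4e42432eb9f22bbb32ffb678d83d28e8",
    "sha1": "b82054919c96ecec758471d6b2de6078561c52bb",
    "sha256": "78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913",
}
C2_HOST, C2_PORT = "139.99.32.83", 43199


def file_hashes(data: bytes) -> dict:
    """Digest a local file the same way the report does, so a copy can be tied to it."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_report(data: bytes) -> bool:
    """True only when every digest agrees; a partial match means the wrong file or a tampered report."""
    return file_hashes(data) == IOC_HASHES


# key=value pairs; quoted values are allowed because image paths contain spaces
KV = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_event(line: str) -> dict:
    """Turn one constructed log line into a dict of fields (quotes stripped)."""
    return {k: v.strip('"') for k, v in KV.findall(line)}


def c2_hits(lines):
    """Match network events against the extracted C2.

    IP plus port is a high-confidence hit. The bare IP is still reported, at
    medium, because the same host may serve other ports and hosting IPs get reused.
    Returns a list of (severity, event) tuples in log order.
    """
    hits = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("DestinationIp") != C2_HOST:
            continue
        severity = "high" if ev.get("DestinationPort") == str(C2_PORT) else "medium"
        hits.append((severity, ev))
    return hits


# Constructed sample events (not from the report); Sysmon Event ID 3 is a network connection
SAMPLE_EVENTS = [
    'EventID=3 Image="C:\\Users\\victim\\AppData\\Local\\Temp\\update.exe" DestinationIp=139.99.32.83 DestinationPort=43199 Protocol=tcp',
    'EventID=3 Image="C:\\Program Files\\Mozilla Firefox\\firefox.exe" DestinationIp=139.99.32.83 DestinationPort=443 Protocol=tcp',
    'EventID=3 Image="C:\\Windows\\System32\\svchost.exe" DestinationIp=13.107.4.50 DestinationPort=80 Protocol=tcp',
    'EventID=3 Image="C:\\Users\\victim\\Downloads\\invoice.exe" DestinationIp=139.99.32.83 DestinationPort=43199 Protocol=tcp',
]


if __name__ == "__main__":
    for severity, ev in c2_hits(SAMPLE_EVENTS):
        print(f"[{severity}] {ev['Image']} -> {ev['DestinationIp']}:{ev['DestinationPort']}")
    # The sample bytes are not on this page, so only a negative hash check can be shown here
    print("unrelated bytes match report:", matches_report(b"not the sample"))
```

Two caveats when reusing this. RedLine C2 addresses are per build, so the IP:port pair above identifies this build's infrastructure and will not catch other RedLine samples; the auth_value in the extracted config is likewise a per-build token, useful for clustering samples from the same operator rather than for network matching. And a hash check that passes on MD5 but fails on SHA256 should be treated as a wrong file, not a partial match.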