General
Target: f4a31f6e2e285c641fc323b590fd21bd2feab5870f270d2bcea7907211a1b1d7
Size: 715KB
Sample: 220613-klq3aaehgm
MD5: 9160584d2cc09745b6d046ed8eb80fed
SHA1: bb2ef30a4c9b5d1304e1d3f0b35ac34e7c4779a4
SHA256: f4a31f6e2e285c641fc323b590fd21bd2feab5870f270d2bcea7907211a1b1d7
SHA512: 8215d9d69ed848ae2c89bcac5526784ea0e66bdc00c956c22acae1f9680276fb4262c1ab09cd36d0071c2cd92269f1fba4da6df2221fc416f2a20e7e6f50dae3
Static task: static1
Behavioral task: behavioral1
Sample: f4a31f6e2e285c641fc323b590fd21bd2feab5870f270d2bcea7907211a1b1d7.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted: redline
76
139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c
Targets
Target: f4a31f6e2e285c641fc323b590fd21bd2feab5870f270d2bcea7907211a1b1d7
Size: 715KB
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext