General
- Target: 3088a67d194464523155469883384a4ce31561a687eb043193626413a04d1c47
- Size: 715KB
- Sample: 220613-kqb4xsfaem
- MD5: b2597ec77776f532e80fd523ce07a24c
- SHA1: 221e5ac386e26433741fdea18d5b4900608fb546
- SHA256: 3088a67d194464523155469883384a4ce31561a687eb043193626413a04d1c47
- SHA512: c81f4a8507f49c0a0cf2f968002612c29a8f65e9788a66c658e1f99f36d919f7ecdbbfa61c848eb96e89f9eaa7fcf713a5625a6822e49cd0e801a2137bd39735
Static task: static1
Behavioral task: behavioral1
Sample: 3088a67d194464523155469883384a4ce31561a687eb043193626413a04d1c47.exe
Resource: win10-20220414-en
Malware Config
Extracted
- redline
- 76
- 139.99.32.83:43199
- auth_value: 44d461325298129ed3c705440f57962c
Targets
- Target: 3088a67d194464523155469883384a4ce31561a687eb043193626413a04d1c47
- Size: 715KB
- MD5: b2597ec77776f532e80fd523ce07a24c
- SHA1: 221e5ac386e26433741fdea18d5b4900608fb546
- SHA256: 3088a67d194464523155469883384a4ce31561a687eb043193626413a04d1c47
- SHA512: c81f4a8507f49c0a0cf2f968002612c29a8f65e9788a66c658e1f99f36d919f7ecdbbfa61c848eb96e89f9eaa7fcf713a5625a6822e49cd0e801a2137bd39735
- Score: 10/10
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext