General

Target: 9a58ad97663b9b902e1c4b99a5184e1ae4ec7c4ef13f2ca9499354c36be3e449
Size: 745KB
Sample: 220613-l4acxsfecj
MD5: bfcfa870a9098c3f3bda4d22e2bd0197
SHA1: 107851fae7cba87513356559d88446ba3e2d6a8e
SHA256: 9a58ad97663b9b902e1c4b99a5184e1ae4ec7c4ef13f2ca9499354c36be3e449
SHA512: 0c77be51bc4bbd12d35d7888323941de7a9153f4db0e9fd689ed6e11e207e2297f879fc47540ba349fcb123d43d1ed44ebdd3d0c1c172c847c228f88af47656a
Static task: static1
Behavioral task: behavioral1
Sample: 9a58ad97663b9b902e1c4b99a5184e1ae4ec7c4ef13f2ca9499354c36be3e449.exe
Resource: win10v2004-20220414-en
Malware Config

Extracted: redline
76
139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c
Targets

Target: 9a58ad97663b9b902e1c4b99a5184e1ae4ec7c4ef13f2ca9499354c36be3e449
Size: 745KB
MD5: bfcfa870a9098c3f3bda4d22e2bd0197
SHA1: 107851fae7cba87513356559d88446ba3e2d6a8e
SHA256: 9a58ad97663b9b902e1c4b99a5184e1ae4ec7c4ef13f2ca9499354c36be3e449
SHA512: 0c77be51bc4bbd12d35d7888323941de7a9153f4db0e9fd689ed6e11e207e2297f879fc47540ba349fcb123d43d1ed44ebdd3d0c1c172c847c228f88af47656a
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext