General
Target: 2767063cd254ba4d4387b141d8c749d60f47b955ee0c67be61d56fd4da393fec
Size: 745KB
Sample: 220613-lksp6afchj
MD5: f34c6e0ea0a2c9247d5a0e36d635852d
SHA1: 369f9bc22c48f1d988456ab69d777314c83f2e6e
SHA256: 2767063cd254ba4d4387b141d8c749d60f47b955ee0c67be61d56fd4da393fec
SHA512: adf2ec317fb8977b67cbd53b699c04b1a47264ddd2be5eddf7950b84326c7d94b6c6824b407fa8d212064c32873393c3ff1ebf9fb6aa11efef94fcbdffb9076d
Static task: static1
Behavioral task: behavioral1
Sample: 2767063cd254ba4d4387b141d8c749d60f47b955ee0c67be61d56fd4da393fec.exe
Resource: win10-20220414-en
Malware Config
Extracted: redline
76
139.99.32.83:43199
auth_value: 44d461325298129ed3c705440f57962c
Targets
Target: 2767063cd254ba4d4387b141d8c749d60f47b955ee0c67be61d56fd4da393fec
Size: 745KB
MD5: f34c6e0ea0a2c9247d5a0e36d635852d
SHA1: 369f9bc22c48f1d988456ab69d777314c83f2e6e
SHA256: 2767063cd254ba4d4387b141d8c749d60f47b955ee0c67be61d56fd4da393fec
SHA512: adf2ec317fb8977b67cbd53b699c04b1a47264ddd2be5eddf7950b84326c7d94b6c6824b407fa8d212064c32873393c3ff1ebf9fb6aa11efef94fcbdffb9076d
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext