General
-
Target
34e7475ed59653ed5eb093679c4d5c98a4060ad055f7329123aa3b18f73d7fa3
-
Size
745KB
-
Sample
220613-mczn6sbgd8
-
MD5
afe3aa9bfb03904fe2037f6555f95085
-
SHA1
de6825b381987684eb6797eaea5c8ad452190e15
-
SHA256
34e7475ed59653ed5eb093679c4d5c98a4060ad055f7329123aa3b18f73d7fa3
-
SHA512
55e14f1221b5c79b936a072c5c460ce7867ad42a1495bf28cdb1f715574ab7e58b79db6a98c5fe39f1e0bb4d68aadd5da57ed6d26e80300112ceaf7609683321
Static task
static1
Behavioral task
behavioral1
Sample
34e7475ed59653ed5eb093679c4d5c98a4060ad055f7329123aa3b18f73d7fa3.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
76
139.99.32.83:43199
-
auth_value
44d461325298129ed3c705440f57962c
Targets
-
-
Target
34e7475ed59653ed5eb093679c4d5c98a4060ad055f7329123aa3b18f73d7fa3
-
Size
745KB
-
MD5
afe3aa9bfb03904fe2037f6555f95085
-
SHA1
de6825b381987684eb6797eaea5c8ad452190e15
-
SHA256
34e7475ed59653ed5eb093679c4d5c98a4060ad055f7329123aa3b18f73d7fa3
-
SHA512
55e14f1221b5c79b936a072c5c460ce7867ad42a1495bf28cdb1f715574ab7e58b79db6a98c5fe39f1e0bb4d68aadd5da57ed6d26e80300112ceaf7609683321
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-