General
Target: 4c0c9f5d16ba5bd35c1a00028e87a29ceedddb020d9d8e73334b1aee8cffc0a7
Size: 25KB
Sample: 220701-11dnhabbfp
MD5: e360f350a9bee9032562a8f03f2e66f7
SHA1: cf3d4c0892e0242718b268bfb8ef8fafc7bedf18
SHA256: 4c0c9f5d16ba5bd35c1a00028e87a29ceedddb020d9d8e73334b1aee8cffc0a7
SHA512: 966a3a02f7f5f016cd86f350b6a06d29f05f471b71dd92a6ba8287507dd7b2276446e1c5da77fcfb8e5d90dcc6bf95f6e466342440b7386bcfe3800475da1834
Static task: static1
Behavioral task: behavioral1
Sample: 4c0c9f5d16ba5bd35c1a00028e87a29ceedddb020d9d8e73334b1aee8cffc0a7.exe
Resource: win10-20220414-en
Malware Config
Extracted
Family: redline
Botnet: build
C2: 172.93.213.137:7525
Targets
Target: 4c0c9f5d16ba5bd35c1a00028e87a29ceedddb020d9d8e73334b1aee8cffc0a7
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext