General
Target: 1c5c68369bf3d0d615edfc3d760070f7.exe
Size: 2.4MB
Sample: 220705-vz4kmsbcgp
MD5: 1c5c68369bf3d0d615edfc3d760070f7
SHA1: ccb0d2e9f74b55b77313dbbb01024161b6ad9112
SHA256: a8946790919846ad03640f1ac35962e092e96ba02344a004a65eae31c7080d17
SHA512: 082935677bc3b2277dd5d404072307f5fbeb10c3acdee601a1abef7f95a9fa61d8c4fe59d31d217ebce4c8ac7ec843b7b92a298a5eca5ce7230bf58ef49f0caa
Static task: static1
Behavioral task: behavioral1 (sample 1c5c68369bf3d0d615edfc3d760070f7.exe, resource win7-20220414-en)
Behavioral task: behavioral2 (sample 1c5c68369bf3d0d615edfc3d760070f7.exe, resource win10v2004-20220414-en)
Malware Config
Extracted: redline
C2: 91.219.63.181:19868
auth_value: f207ca59aef487891ec6fd307ac196e5
Targets
Target: 1c5c68369bf3d0d615edfc3d760070f7.exe (2.4MB; MD5, SHA1, SHA256 and SHA512 as listed under General)
Score: 10/10
Signatures:
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext (setting the context of a thread in another process is the usual hand-off step in process hollowing and thread-hijacking injection, which is why sandboxes flag it)
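As an added example that is not part of the sandbox report or any vendor tooling, the Python below turns the hashes and the extracted RedLine C2 from this report into detection checks and runs them over constructed sample telemetry. The key=value log format, the hostnames, file paths and non-IOC addresses are all hypothetical, and the Suricata rule's SID is a placeholder; only the hashes and the 91.219.63.181:19868 endpoint come from the report.

```python
"""Added example: turn the report's IOCs into detection checks and run them
over constructed sample telemetry. Not the sandbox's own code."""
import re

# IOCs copied verbatim from the report above.
IOC_HASHES = {
    "md5": "1c5c68369bf3d0d615edfc3d760070f7",
    "sha1": "ccb0d2e9f74b55b77313dbbb01024161b6ad9112",
    "sha256": "a8946790919846ad03640f1ac35962e092e96ba02344a004a65eae31c7080d17",
}
IOC_C2_IP, IOC_C2_PORT = "91.219.63.181", 19868

# Constructed sample input (hypothetical key=value format, not real telemetry):
# an endpoint file-hash inventory and a few firewall log lines. The notepad
# hash and the 203.0.113.10 address are placeholders.
HASH_INVENTORY = """\
host=ws01 path=C:\\Users\\a\\Downloads\\setup.exe sha256=a8946790919846ad03640f1ac35962e092e96ba02344a004a65eae31c7080d17
host=ws02 path=C:\\Windows\\notepad.exe sha256=0000000000000000000000000000000000000000000000000000000000000000
host=ws03 path=C:\\Temp\\x.exe md5=1C5C68369BF3D0D615EDFC3D760070F7
"""
FIREWALL_LOG = """\
2022-07-05T12:01:02Z src=10.0.0.5 dst=91.219.63.181 dport=19868 proto=tcp action=allow
2022-07-05T12:01:05Z src=10.0.0.5 dst=203.0.113.10 dport=443 proto=tcp action=allow
2022-07-05T12:02:10Z src=10.0.0.9 dst=91.219.63.181 dport=443 proto=tcp action=allow
"""

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_kv(line):
    """Parse 'k=v k2=v2 ...' into a dict (values contain no spaces in this format)."""
    return dict(KV_RE.findall(line))


def hash_hits(inventory):
    """Return (host, path, algorithm) for every inventory entry whose hash matches
    one of the report's hashes. Comparison is case-insensitive because tools
    disagree on hex case."""
    hits = []
    for line in inventory.splitlines():
        f = parse_kv(line)
        for algo, value in IOC_HASHES.items():
            if f.get(algo, "").lower() == value:
                hits.append((f["host"], f["path"], algo))
    return hits


def c2_hits(log):
    """Return (src, dst, dport, confidence) for flows to the C2 address.
    An exact ip:port match is high confidence; the same IP on another port is
    only medium, since the host may carry unrelated traffic or a later config."""
    hits = []
    for line in log.splitlines():
        f = parse_kv(line)
        if f.get("dst") != IOC_C2_IP:
            continue
        confidence = "high" if f.get("dport") == str(IOC_C2_PORT) else "medium"
        hits.append((f["src"], f["dst"], f["dport"], confidence))
    return hits


def suricata_rule(ip=IOC_C2_IP, port=IOC_C2_PORT, sid=9000001):
    """Build a Suricata rule for outbound TCP connections to the C2 endpoint
    (sid is a placeholder; pick one from your local range)."""
    return (f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"RedLine C2 {ip}:{port}"; flow:to_server; sid:{sid}; rev:1;)')


if __name__ == "__main__":
    for hit in hash_hits(HASH_INVENTORY):
        print("hash match:", hit)
    for hit in c2_hits(FIREWALL_LOG):
        print("C2 flow:", hit)
    print(suricata_rule())
```

The port-less IP match is kept at medium confidence on purpose: RedLine operators rotate ports and builds, so a flow to the same address on another port is worth triage but should not page anyone on its own.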