General
Target: 2d4c6d3afba4eeee3895c60c42be285e.exe
Size: 1.3MB
Sample: 220705-z96j7sfag6
MD5: 2d4c6d3afba4eeee3895c60c42be285e
SHA1: 4a9951869b11d9393365507422bbbeee9ed282a8
SHA256: 9afc87589b3c76f6c50238294539f53eb38a51f61b7d38db4637582f6b168692
SHA512: d7347c8ecb2773abd32e9edb1e8606057751ffc82f5659014f830d8287fa1784b398cf84b1974d45077c05997ced9cfe5ca3b6f0e68ee50af376c582db11f37d
Static task: static1
Behavioral task: behavioral1
  Sample: 2d4c6d3afba4eeee3895c60c42be285e.exe
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: 2d4c6d3afba4eeee3895c60c42be285e.exe
  Resource: win10v2004-20220414-en
Malware Config
Extracted: redline
C2: 185.106.92.20:33168
auth_value: 473a7a67f3a5b581eee05af44809068a
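The hashes and the extracted RedLine C2 above are the indicators a responder would actually pivot on. The following is an added example, not part of the sandbox report: it turns those indicators into a small matcher that (a) computes the same four digests for a file and tells you under which ones it matches the reported sample, and (b) sweeps Zeek-style conn log lines for connections to the C2, with a switch to match on the IP alone because RedLine operators frequently move the listener port while keeping the host. The log lines and the file bytes are constructed stand-ins (the real sample is not embedded); the field layout is a hypothetical simplified conn.log, and the function and variable names are this example's own.

```python
"""IOC matcher built from this report's hashes and RedLine C2 (added example)."""
import hashlib
from typing import Dict, List

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "2d4c6d3afba4eeee3895c60c42be285e",
    "sha1": "4a9951869b11d9393365507422bbbeee9ed282a8",
    "sha256": "9afc87589b3c76f6c50238294539f53eb38a51f61b7d38db4637582f6b168692",
    "sha512": "d7347c8ecb2773abd32e9edb1e8606057751ffc82f5659014f830d8287fa1784"
              "b398cf84b1974d45077c05997ced9cfe5ca3b6f0e68ee50af376c582db11f37d",
}
REDLINE_C2_HOST = "185.106.92.20"
REDLINE_C2_PORT = 33168


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the four digests the report lists, as lower-case hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def matches_sample(data: bytes) -> List[str]:
    """Names of the digests under which `data` equals the reported sample.

    An empty list means this is not byte-identical to the analysed file; a
    repacked or re-stubbed RedLine build will not hash-match, so treat a miss
    as inconclusive rather than clean.
    """
    digests = hash_bytes(data)
    return [name for name, value in digests.items() if value == SAMPLE_HASHES[name]]


# Constructed, hypothetical conn log (tab-separated, Zeek-like column order):
# ts, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto.  Not real traffic.
CONSTRUCTED_CONN_LOG = """\
#fields\tts\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1657054801.1\t10.0.0.25\t51234\t185.106.92.20\t33168\ttcp
1657054803.4\t10.0.0.25\t51240\t93.184.216.34\t443\ttcp
1657054805.9\t10.0.0.31\t51277\t185.106.92.20\t443\ttcp
"""


def find_c2_connections(log_text: str, match_port: bool = True) -> List[Dict[str, object]]:
    """Return connections to the extracted C2.

    With match_port=True only the exact host:port from the config is flagged.
    With match_port=False any connection to the C2 host is flagged; this is the
    broader pivot to use when hunting, since the port is the part that changes.
    """
    hits: List[Dict[str, object]] = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue  # skip Zeek header/comment lines
        fields = line.split("\t")
        if len(fields) < 6:
            continue  # malformed line; do not crash the sweep on it
        ts, src, sport, dst, dport, proto = fields[:6]
        if dst != REDLINE_C2_HOST:
            continue
        if match_port and int(dport) != REDLINE_C2_PORT:
            continue
        hits.append({"ts": ts, "src": src, "sport": int(sport),
                     "dst": dst, "dport": int(dport), "proto": proto})
    return hits


if __name__ == "__main__":
    print("exact C2 host:port hits:", find_c2_connections(CONSTRUCTED_CONN_LOG))
    print("any C2 host hits:", find_c2_connections(CONSTRUCTED_CONN_LOG, match_port=False))
    print("digests of a constructed file:", hash_bytes(b"not the sample"))
    print("matches reported sample:", matches_sample(b"not the sample"))
```

The exact host:port rule is what you would alert on from this one report; the host-only rule is the hunting query, and its extra hits need triage because a shared hosting IP can carry unrelated traffic.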
Targets
Score: 10/10
Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting: consistent with RedLine's known behaviour of collecting browser credentials and wallet files for exfiltration to the C2 above.
Suspicious use of SetThreadContext: calling SetThreadContext on a thread of another process is the step that redirects execution in process hollowing and similar injection, which is how RedLine loaders typically unpack the stealer into a fresh process. On its own this is a heuristic, not proof of injection.