General
Target
18361d806862027eda0b32c781bf4350.exe
Size
2.3MB
Sample
220707-lg2hwsdah2
MD5
18361d806862027eda0b32c781bf4350
SHA1
cf0d7519c7920dcac956171dc8fef1cfbd4052ba
SHA256
f78ba534d6895837850f4b393ef4756446364d602c686fcb27cefd858d228b4d
SHA512
c042937dc1992bf02eecae9fea6d6481e6d4139444d27c2d69f2042bd048845a434077b998682aadaaa7a80d7d1bc69eba3015ced04ca35997e7c824f7f0452c
Static task
static1
Behavioral task
behavioral1
Sample
18361d806862027eda0b32c781bf4350.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
18361d806862027eda0b32c781bf4350.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
193.124.22.20:19788
auth_value
19c4940c98b20557ec4f2afbfb804747
Targets
Target
18361d806862027eda0b32c781bf4350.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext