General
Target: 234c66dc304dd9fc71382a6db667adf012235c189b23c849b902b94fb8446e07
Size: 1.2MB
Sample: 220729-texe6abag5
MD5: 610f45e860890aa17b10d76892abf71b
SHA1: 5e9ed4e242e469bd1a833880a7cdeb2d34cbc993
SHA256: 234c66dc304dd9fc71382a6db667adf012235c189b23c849b902b94fb8446e07
SHA512: ae6efe6dc11a1ff767b87ba64bc9db209514c6ad640d6932218850d7c946cdf26ac8f7adb15ffa573df4ccf2643b01b9806830695561a6fc883f39c441a837be
Static task: static1
Behavioral task: behavioral1
Sample: 234c66dc304dd9fc71382a6db667adf012235c189b23c849b902b94fb8446e07.exe
Resource: win10v2004-20220721-en
Malware Config
Extracted family: redline
Botnet: top1
C2: pemararslava.xyz:80
auth_value: e3ff30d1ffe0ffdb11211b351a0179a1
Targets
Target: 234c66dc304dd9fc71382a6db667adf012235c189b23c849b902b94fb8446e07 (size and hashes as listed under General above)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext