General
-
Target
792deb452983410ca8d4cc963c27363a5b5810a26114bfde915779a60fdf1491
-
Size
2.5MB
-
Sample
220731-gvqakacaa5
-
MD5
271530a1d3e1e350f2e0bcb0e1ce3ec9
-
SHA1
6a01d696d6651ca5554e6d69b29e657bf5105699
-
SHA256
792deb452983410ca8d4cc963c27363a5b5810a26114bfde915779a60fdf1491
-
SHA512
c598083eff36649cccb30fc785ef5366247a5f1f7082ddd77d684a4fa6e2acb74990c9f8ddfcc69e41d200706b4c598564668f1faadf9bb9043e9d02b8bf2169
Static task
static1
Behavioral task
behavioral1
Sample
792deb452983410ca8d4cc963c27363a5b5810a26114bfde915779a60fdf1491.exe
Resource
win10v2004-20220722-en
Malware Config
Extracted
redline
top1
pemararslava.xyz:80
-
auth_value
e3ff30d1ffe0ffdb11211b351a0179a1
Targets
-
-
Target
792deb452983410ca8d4cc963c27363a5b5810a26114bfde915779a60fdf1491
-
Size
2.5MB
-
MD5
271530a1d3e1e350f2e0bcb0e1ce3ec9
-
SHA1
6a01d696d6651ca5554e6d69b29e657bf5105699
-
SHA256
792deb452983410ca8d4cc963c27363a5b5810a26114bfde915779a60fdf1491
-
SHA512
c598083eff36649cccb30fc785ef5366247a5f1f7082ddd77d684a4fa6e2acb74990c9f8ddfcc69e41d200706b4c598564668f1faadf9bb9043e9d02b8bf2169
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-