General
Target: f8a4faacc58569713cc6dd3e5337fb9aa00b404d5534cf336ef8e80e720a6dd9
Size: 2.5MB
Sample: 220802-hfpk6acad3
MD5: d831772aa4ef469783de36afc3dae331
SHA1: f8d5426e13889e220c58153d8461a55be0fd8a5d
SHA256: f8a4faacc58569713cc6dd3e5337fb9aa00b404d5534cf336ef8e80e720a6dd9
SHA512: 80dbfbceb2d0dc626e127354541fd668a5815f7b7aa6922f231b2aefca5299f95b11c404125c89693f45439613226a5f9b06d0197de482d46105bc531baacef5
Static task: static1
Behavioral task: behavioral1
Sample: f8a4faacc58569713cc6dd3e5337fb9aa00b404d5534cf336ef8e80e720a6dd9.exe
Resource: win10-20220414-en
Malware Config
Extracted family: redline
Botnet ID: top1
C2: pemararslava.xyz:80
auth_value: e3ff30d1ffe0ffdb11211b351a0179a1
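The extracted config above gives a C2 (host:port), a botnet ID and an auth_value. The following Python is an added example, not code from this report or from the Triage extractor, showing two things a practitioner typically does with such a config: (1) recover the strings from the layered encoding used by common RedLine builds (base64 of the XOR of a base64 string with a short key), and (2) turn the C2 into an IOC and match it against log lines. The XOR key "Ancestor" and the DNS/proxy log lines are constructed for the example; the encoded blob is generated by the script itself from the values in the config block, so nothing here is bytes taken from the actual sample.

```python
import base64
import re
from dataclasses import dataclass

# Values from the config block above; everything else in this file is constructed.
C2 = "pemararslava.xyz:80"
BOTNET_ID = "top1"
AUTH_VALUE = "e3ff30d1ffe0ffdb11211b351a0179a1"
XOR_KEY = "Ancestor"  # hypothetical key; each RedLine build embeds its own


def _xor(data: bytes, key: str) -> bytes:
    kb = key.encode()
    return bytes(b ^ kb[i % len(kb)] for i, b in enumerate(data))


def redline_encrypt(plain: str, key: str) -> str:
    """Forward direction (used only to build the constructed sample blob):
    plaintext -> base64 -> XOR with key -> base64."""
    inner = base64.b64encode(plain.encode())
    return base64.b64encode(_xor(inner, key)).decode()


def redline_decrypt(blob: str, key: str):
    """Reverse the layering assumed above. Returns None instead of raising
    when the blob is not valid base64 at either layer, so a wrong key or a
    string that was never encrypted does not abort a whole config dump."""
    try:
        inner = _xor(base64.b64decode(blob, validate=True), key)
        return base64.b64decode(inner, validate=True).decode()
    except (ValueError, UnicodeDecodeError):
        return None


# Constructed stand-in for the Arguments-class strings of a RedLine binary.
ENCODED_CONFIG = {
    "IP": redline_encrypt(C2, XOR_KEY),
    "ID": redline_encrypt(BOTNET_ID, XOR_KEY),
}


def extract_config(encoded: dict, key: str) -> dict:
    """Decrypt every field, dropping fields that do not decode with this key."""
    out = {}
    for name, blob in encoded.items():
        value = redline_decrypt(blob, key)
        if value is not None:
            out[name] = value
    return out


@dataclass(frozen=True)
class RedlineIOCs:
    host: str
    port: int
    botnet_id: str
    auth_value: str


def parse_c2(c2: str) -> tuple:
    host, _, port = c2.rpartition(":")
    return host, int(port)


def find_c2_hits(iocs: RedlineIOCs, lines) -> list:
    """Return log lines that reference the C2 host (case-insensitive, as a whole
    label so 'notpemararslava.xyz' is not matched)."""
    pat = re.compile(r"(?<![\w-])" + re.escape(iocs.host) + r"(?![\w-])", re.I)
    return [line for line in lines if pat.search(line)]


# Constructed DNS/proxy log lines; two of them reference the C2 host.
SAMPLE_LOGS = [
    "2022-08-02T09:14:03Z dns query client=10.0.0.21 qname=pemararslava.xyz qtype=A",
    "2022-08-02T09:14:04Z proxy CONNECT 10.0.0.21 -> PEMARARSLAVA.xyz:80 ua=-",
    "2022-08-02T09:14:05Z dns query client=10.0.0.22 qname=update.microsoft.com qtype=A",
    "2022-08-02T09:14:06Z dns query client=10.0.0.23 qname=notpemararslava.xyz qtype=A",
]

host, port = parse_c2(C2)
IOCS = RedlineIOCs(host=host, port=port, botnet_id=BOTNET_ID, auth_value=AUTH_VALUE)

if __name__ == "__main__":
    print("decoded config:", extract_config(ENCODED_CONFIG, XOR_KEY))
    print("wrong key yields:", extract_config(ENCODED_CONFIG, "WrongKey"))
    for hit in find_c2_hits(IOCS, SAMPLE_LOGS):
        print("C2 hit:", hit)
```

Run it as a script to see the decoded fields and the two matching log lines; with a wrong key the inner base64 layer fails validation and the field is dropped rather than producing garbage, which is the behaviour you want when brute-forcing candidate keys out of a stripped binary.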
Targets
Target: f8a4faacc58569713cc6dd3e5337fb9aa00b404d5534cf336ef8e80e720a6dd9
Score: 10/10
Signatures:
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext