General
Target: 183d70c9ee43317367a8790e10f1511f.exe
Size: 1.4MB
Sample: 220805-n9qm7sabdl
MD5: 183d70c9ee43317367a8790e10f1511f
SHA1: c851ef510d3d60e2193184ecfecb9ea88f5d26d5
SHA256: af7ce0200fe43b53a6302e15669a997809a53334564aa01531f44579025727dd
SHA512: 0d939d44cbf6200bfdc285160bf45431174d3b637ba6d685db3ba85562f439423373a57f7a00bda6e25ee47c5ea60bdfec999fd5f55796edf5f6d0a550c2a08f
Static task: static1
Behavioral task: behavioral1
Sample: 183d70c9ee43317367a8790e10f1511f.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: 183d70c9ee43317367a8790e10f1511f.exe
Resource: win10v2004-20220722-en
Malware Config
Extracted: redline
h
C2: 185.108.223.124:41034
auth_value: 7c40f30b767fb5b93131b0053ccd7070
Targets
Target: 183d70c9ee43317367a8790e10f1511f.exe
Size: 1.4MB
MD5: 183d70c9ee43317367a8790e10f1511f
SHA1: c851ef510d3d60e2193184ecfecb9ea88f5d26d5
SHA256: af7ce0200fe43b53a6302e15669a997809a53334564aa01531f44579025727dd
SHA512: 0d939d44cbf6200bfdc285160bf45431174d3b637ba6d685db3ba85562f439423373a57f7a00bda6e25ee47c5ea60bdfec999fd5f55796edf5f6d0a550c2a08f
Score: 10/10
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020; it harvests browser credentials, cookies and cryptocurrency wallet data and reports to the C2 host carried in its configuration.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext
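The "Suspicious use of SetThreadContext" signature is the sandbox's generic marker for the process-hollowing injection chain: a loader starts a legitimate host process suspended (CREATE_SUSPENDED), unmaps or overwrites its image, writes the real payload into it, redirects the primary thread to the new entry point with SetThreadContext, and resumes it. The report above does not show which host process this sample used or in what order the calls occurred, so the following is an added detection example, not the sandbox's own logic and not a claim about this sample's internals. It walks a constructed API-call trace (the `pid api key=value` line format, the AppLaunch.exe host image and the sizes are all assumptions made up for the example) and flags a child process only when the spawning process performed the full create-suspended, write, SetThreadContext, ResumeThread chain on it. A SetThreadContext call without the rest of the chain, as a debugger or a benign instrumentation tool might issue, is deliberately not flagged.

```python
"""Flag the process-hollowing API sequence that a 'Suspicious use of
SetThreadContext' signature normally represents.

Added example. The trace format ("<caller_pid> <api> key=value ...") and
every value in SAMPLE_TRACE are constructed for this example; they are not
output from the sandbox report above.
"""
from dataclasses import dataclass

CREATE_SUSPENDED = 0x4  # dwCreationFlags bit for CreateProcess*

# Constructed API trace: pid 1234 hollows a suspended AppLaunch.exe child,
# pid 4321 only touches a thread context (a debugger-like pattern).
SAMPLE_TRACE = """\
1234 CreateProcessW cmd=C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\AppLaunch.exe flags=0x4 pid=5678 tid=5679
1234 GetThreadContext pid=5678 tid=5679
1234 NtUnmapViewOfSection pid=5678
1234 VirtualAllocEx pid=5678 protect=0x40 size=0x158000
1234 WriteProcessMemory pid=5678 size=0x200
1234 WriteProcessMemory pid=5678 size=0x157e00
1234 SetThreadContext pid=5678 tid=5679
1234 ResumeThread pid=5678 tid=5679
4321 CreateProcessW cmd=C:\\Windows\\notepad.exe flags=0x0 pid=8765 tid=8766
4321 GetThreadContext pid=8765 tid=8766
4321 SetThreadContext pid=8765 tid=8766
"""


@dataclass
class Target:
    """Per-child-process state accumulated from the caller's API calls."""
    caller: int
    image: str
    suspended: bool = False
    unmapped: bool = False
    bytes_written: int = 0
    context_set: bool = False
    resumed: bool = False

    def stages(self):
        """Names of the hollowing stages observed, in chain order."""
        return [name for name, hit in (
            ("CREATE_SUSPENDED", self.suspended),
            ("NtUnmapViewOfSection", self.unmapped),
            ("WriteProcessMemory", self.bytes_written > 0),
            ("SetThreadContext", self.context_set),
            ("ResumeThread", self.resumed),
        ) if hit]

    def is_hollowing(self):
        # Unmapping is optional (some loaders overwrite in place), the rest is not.
        return (self.suspended and self.bytes_written > 0
                and self.context_set and self.resumed)


def parse_line(line):
    """Split '<caller> <api> k=v ...' into (caller_pid, api, {k: v})."""
    caller, api, *kv = line.split()
    return int(caller), api, dict(p.split("=", 1) for p in kv)


def find_hollowing(trace):
    """Return {child_pid: Target} for children that went through the full chain."""
    targets = {}
    for raw in trace.splitlines():
        if not raw.strip():
            continue
        caller, api, args = parse_line(raw)
        if api in ("CreateProcessW", "CreateProcessA"):
            flags = int(args.get("flags", "0"), 16)
            targets[int(args["pid"])] = Target(
                caller=caller, image=args.get("cmd", "?"),
                suspended=bool(flags & CREATE_SUSPENDED))
            continue
        pid = args.get("pid")
        if pid is None or int(pid) not in targets:
            continue
        t = targets[int(pid)]
        if t.caller != caller:
            continue  # only the parent that created the child counts
        if api == "NtUnmapViewOfSection":
            t.unmapped = True
        elif api == "WriteProcessMemory":
            t.bytes_written += int(args.get("size", "0"), 16)
        elif api == "SetThreadContext":
            t.context_set = True
        elif api == "ResumeThread":
            t.resumed = True
    return {pid: t for pid, t in targets.items() if t.is_hollowing()}


if __name__ == "__main__":
    for pid, t in find_hollowing(SAMPLE_TRACE).items():
        print(f"hollowing: caller {t.caller} -> pid {pid} ({t.image}), "
              f"{t.bytes_written:#x} bytes written, stages {t.stages()}")
```

Run against the constructed trace, only child 5678 is reported; 8765 is skipped because it was neither created suspended nor written to. In a real pipeline the same state machine would be fed from an API-monitor or ETW feed keyed on the real parent and child PIDs, and the flagged child's image path is what you would compare against the sandbox's dropped-file and process-tree views.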