General
- Target: a60e7dcfb2cd0bfa53819aabe4323f70.exe
- Size: 3.9MB
- Sample: 220816-tagh5sahfl
- MD5: a60e7dcfb2cd0bfa53819aabe4323f70
- SHA1: 25074d7f34d98adf057fb0f135c89fc636502d6c
- SHA256: 13d02493c68c2b27115bb86059c133425f0b79bba2749081e606627fe8c7cad1
- SHA512: 034e2db3779e2ecc3d0da9da8346a6afbce8a32f7a9c248b7e9fa4134c1f8704cfd1191704e8f5761252d7b8b2d062039188f6c153bc953b5efdf8819cbdded4
- SSDEEP: 98304:EazVezCug4V6O2PBZzREDW9sViughaPPltwzO1due:DVve2PLt4WTgPPYzYu
Static task: static1
Behavioral task: behavioral1
- Sample: a60e7dcfb2cd0bfa53819aabe4323f70.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: a60e7dcfb2cd0bfa53819aabe4323f70.exe
- Resource: win10v2004-20220812-en
Malware Config
Extracted
- Family: redline
- Botnet: youtube
- C2: 185.106.93.36:23283
- auth_value: e07261533d32c87b7a9e908cb5684579
Targets
- Target: a60e7dcfb2cd0bfa53819aabe4323f70.exe
  - Size: 3.9MB
  - MD5: a60e7dcfb2cd0bfa53819aabe4323f70
  - SHA1: 25074d7f34d98adf057fb0f135c89fc636502d6c
  - SHA256: 13d02493c68c2b27115bb86059c133425f0b79bba2749081e606627fe8c7cad1
  - SHA512: 034e2db3779e2ecc3d0da9da8346a6afbce8a32f7a9c248b7e9fa4134c1f8704cfd1191704e8f5761252d7b8b2d062039188f6c153bc953b5efdf8819cbdded4
  - SSDEEP: 98304:EazVezCug4V6O2PBZzREDW9sViughaPPltwzO1due:DVve2PLt4WTgPPYzYu
  - Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext