General
Target: 60974F5D63C5B3F74654B4703BF1A7B56662E016FF184.exe
Size: 1.4MB
Sample: 220910-n31jtsdgdr
MD5: e9a4f34e8ae18813cd5391c264a66e45
SHA1: abc1fd2eda12ea13dce39eeb7b695e70b4cac145
SHA256: 60974f5d63c5b3f74654b4703bf1a7b56662e016ff184f675da1a78ac96c7b16
SHA512: 5092cc311b2d0ff983bfb66cc50a62d3541fae4f5d7ef489ebd177c92dd3f2a6cb3615f4e82ff99c84f62ffedec117dbad3abf6e347da27c078c815c441e51e8
SSDEEP: 24576:Q1GEXEZXOYPYCfy0GmoMkXdLeF2bVRbRfIR5tegepbjLh3RLu:Q1ZEZ2gu2R+bjLh3RC
Static task: static1
Behavioral task: behavioral1
- Sample: 60974F5D63C5B3F74654B4703BF1A7B56662E016FF184.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 60974F5D63C5B3F74654B4703BF1A7B56662E016FF184.exe
- Resource: win10v2004-20220812-en
Malware Config
Extracted: redline
- h: 95.217.55.221:25921
- auth_value: 4ff47750f2415702232d09cbc50b7130
Targets
Target: 60974F5D63C5B3F74654B4703BF1A7B56662E016FF184.exe (the same file listed under General)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext