General
Target: Loader Ver3.1.rar
Size: 5.6MB
Sample: 220920-yr4r8aecd7
MD5: 7b7a6dbbce33c9aa6a798d622d11dbe7
SHA1: 6d44d9af8d62c83dc8cd3b579210857009093ffa
SHA256: 14dc7cf045dda9a5ee21a4baf5e359b1c892f87b1834fc707d8b8d707793bb94
SHA512: 8133decbe050eb5f368b40ce7e021da67b08d3d3c7e0e9a2d3316978b5f1ab40bb7b4a4467800b803d7ef133d69a9836531a8763b5409c99f15c54727f808496
SSDEEP: 98304:N4SIbgx6sMlo69crK4pevCui6THGMoFM/5PNpyyUxYGP+O:ySIbQpMloDrK4ifTVoFSP3FUxYGWO
Static task: static1
Behavioral task: behavioral1
  Sample: Loader.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: Loader.exe
  Resource: win10v2004-20220901-en
Malware Config
Extracted family: redline
Botnet: 1851281290_99
C2: tapucan.xyz:28786
auth_value: 82f98d7ce7c6a5819bc7d092b2745dc0
Targets
Target: Loader.exe
Size: 666.3MB
MD5: 548b7c504d22535e28fc9362fade7d04
SHA1: 5e3376b4826f033721f7e902f388bcec65d1c79c
SHA256: a7192c621a46802fc459614749911caabcc70b662b6afe94b8a69ef6c1bdee78
SHA512: b073c1b20882eef864e3a1a21b7e9ff154a33edbd4890bb4a69da735c28a50d3f52aa345416c441877d156a0cb2db428b2f9f2e73c678012efef9131fa8c3e6d
SSDEEP: 24576:w1H6f+kpiwSRyWJ2YqYYxKdty7MUtdPqZ36J+d+Vuti1P4bGRfXRL1aQG9l3RuQd:wBzkswSRyfKDTi1P4bGRfXRxaN9l3
Score: 10/10
Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext