General
Target: 48eada5c99144a97c4085b40522c34d3ac02e051d3915a3cdfa84d837b0a8833
Size: 2.7MB
Sample: 220926-r687xsbbb7
MD5: 1db83de37c77220665b2a882867cc3a7
SHA1: 3561595a37bd19e72f3ca326140e4c496a0f1923
SHA256: 48eada5c99144a97c4085b40522c34d3ac02e051d3915a3cdfa84d837b0a8833
SHA512: 3ae4d5928df61d39cf1290fc40eb60366a07ea8d13ab604425a6f72c8b1c7f2bfe3c735692c2b8a6ea241c74a6118de58d32e6d64a5dfefb13ee940298aab619
SSDEEP: 24576:rnkY1D4Iz3KeFbiaktYRY1OOSQGQMFSxdTraixMAwld8v3iAJ6pVRWEc5LIBoQl6:wY1kI7Zbiaoi5O3lQpnWEc5gl3K
Static task: static1
Behavioral task: behavioral1
Sample: 48eada5c99144a97c4085b40522c34d3ac02e051d3915a3cdfa84d837b0a8833.exe
Resource: win10-20220812-en
Malware Config
Extracted
Family: redline
Botnet: installskript
C2: 185.224.133.182:16382
auth_value: f7f5626eb8e9e541c2d17255f9d8f755
Targets
Target: 48eada5c99144a97c4085b40522c34d3ac02e051d3915a3cdfa84d837b0a8833
Size: 2.7MB
MD5: 1db83de37c77220665b2a882867cc3a7
SHA1: 3561595a37bd19e72f3ca326140e4c496a0f1923
SHA256: 48eada5c99144a97c4085b40522c34d3ac02e051d3915a3cdfa84d837b0a8833
SHA512: 3ae4d5928df61d39cf1290fc40eb60366a07ea8d13ab604425a6f72c8b1c7f2bfe3c735692c2b8a6ea241c74a6118de58d32e6d64a5dfefb13ee940298aab619
SSDEEP: 24576:rnkY1D4Iz3KeFbiaktYRY1OOSQGQMFSxdTraixMAwld8v3iAJ6pVRWEc5LIBoQl6:wY1kI7Zbiaoi5O3lQpnWEc5gl3K
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext