General
Target: 513de1ec55d1794ee00f2d5fd8873e8dc0d848bf65d44e4b542170f50415d708
Size: 347KB
Sample: 221109-21b1cachc9
MD5: b3e1efe59092fb2faece0b262e6bad4a
SHA1: 44400848df05d59fa64549a6f07ded31ca1f3cce
SHA256: 513de1ec55d1794ee00f2d5fd8873e8dc0d848bf65d44e4b542170f50415d708
SHA512: 6c6c469ebfd5eefabf9c60d3c4f48f20d5bee2fb1dc91ffe38930a43c91d8ce9198b8512c48a89d0ce1acf20edb84f4fc42c0efb9f560bce8c66f875825d4cc7
SSDEEP: 6144:XCn591vv3O4WKk7xaoJ5E0npYLaBPiOpAOeSUL:k591vGxad+7BPzpnc
Static task: static1
Behavioral task: behavioral1
  Sample: 513de1ec55d1794ee00f2d5fd8873e8dc0d848bf65d44e4b542170f50415d708.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 513de1ec55d1794ee00f2d5fd8873e8dc0d848bf65d44e4b542170f50415d708.exe
  Resource: win10-20220812-en
Malware Config
Extracted: redline
  Test1
  45.15.156.48:8285
  auth_value: 3ec6815aabd0bab316e997c1c7898294
Targets
Target: 513de1ec55d1794ee00f2d5fd8873e8dc0d848bf65d44e4b542170f50415d708
Size: 347KB
MD5: b3e1efe59092fb2faece0b262e6bad4a
SHA1: 44400848df05d59fa64549a6f07ded31ca1f3cce
SHA256: 513de1ec55d1794ee00f2d5fd8873e8dc0d848bf65d44e4b542170f50415d708
SHA512: 6c6c469ebfd5eefabf9c60d3c4f48f20d5bee2fb1dc91ffe38930a43c91d8ce9198b8512c48a89d0ce1acf20edb84f4fc42c0efb9f560bce8c66f875825d4cc7
SSDEEP: 6144:XCn591vv3O4WKk7xaoJ5E0npYLaBPiOpAOeSUL:k591vGxad+7BPzpnc
Score: 10/10
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext