General
Target: Battle Seekers Launcher (Beta).exe
Size: 4.1MB
Sample: 221206-vvt6eage67
MD5: 4881b2c1686d3fbb733ce0491f679a9c
SHA1: e4b5dca72da311237653818289518e5925344f09
SHA256: 1c624915c8c7c82d436f0c5480fb8850d8fbb4c195e56d78d9ba438aa2f2305e
SHA512: 707cf68396c00832ba2ae6249d90a392fb8b2e0fda1eab67520e8bb9baff76b4c6e9415259b5c1f454bdd907e1ab1b3fc9ebfe0d3ede1ad39acec24a3179563b
SSDEEP: 98304:36a6T13ABtnyEZMkEPVcQFU1ko0zPrltOC4tihb:L6T13AHnyMMV9cskkBPb4tih
Static task: static1
Behavioral task: behavioral1
Sample: Battle Seekers Launcher (Beta).exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: Battle Seekers Launcher (Beta).exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
Family: redline
Botnet: xmas
C2: 79.137.199.206:45354
auth_value: 47dd71225cb3a0a92188486269819009
Targets
Target: Battle Seekers Launcher (Beta).exe (size and hashes as listed under General)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first seen in early 2020. Signatures triggered by this sample:
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext (rewriting a thread's context in another process is a common step in process hollowing and other code-injection techniques)
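As an added example that is not part of the sandbox report: a Python script that turns the report's file hashes and extracted C2 endpoint into checks a responder can run against local artifacts. The connection-log line format, the sample log lines and the file bytes it hashes are constructed assumptions, and the Suricata rule's sid is a placeholder to be replaced with a value from the local ruleset.

```python
"""Added example, not part of the sandbox report or the analysed sample.

IOC matching for the RedLine sample 221206-vvt6eage67: file-hash comparison,
C2 endpoint matching over connection logs, and a Suricata rule for the C2.
All inputs below are constructed for illustration.
"""
import hashlib
import re

# Hashes copied from the report's General section.
FILE_HASHES = {
    "md5": "4881b2c1686d3fbb733ce0491f679a9c",
    "sha1": "e4b5dca72da311237653818289518e5925344f09",
    "sha256": "1c624915c8c7c82d436f0c5480fb8850d8fbb4c195e56d78d9ba438aa2f2305e",
    "sha512": "707cf68396c00832ba2ae6249d90a392fb8b2e0fda1eab67520e8bb9baff76b4c"
              "6e9415259b5c1f454bdd907e1ab1b3fc9ebfe0d3ede1ad39acec24a3179563b",
}
# C2 endpoint and auth_value from the report's extracted RedLine config.
C2_HOST = "79.137.199.206"
C2_PORT = 45354
AUTH_VALUE = "47dd71225cb3a0a92188486269819009"


def hash_bytes(data: bytes) -> dict:
    """Return hex digests of `data` for the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in FILE_HASHES}


def matches_sample(data: bytes) -> bool:
    """True if any digest of `data` equals the corresponding reported hash."""
    digests = hash_bytes(data)
    return any(digests[name] == value for name, value in FILE_HASHES.items())


# Assumed (constructed) log shape: "<timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
LOG_RE = re.compile(r"^\S+ (\S+):(\d+) -> (\S+):(\d+) (\S+)$")


def find_c2_connections(lines):
    """Return (src_ip, line) for every log line whose destination is the C2 endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        src, _sport, dst, dport, _proto = m.groups()
        if dst == C2_HOST and int(dport) == C2_PORT:
            hits.append((src, line.strip()))
    return hits


def find_config_strings(blob: bytes) -> list:
    """Names of config IOCs present as plaintext in `blob` (e.g. a memory dump).

    RedLine's embedded config is normally encoded, so this is meant for decoded
    or in-memory data rather than the raw executable.
    """
    found = []
    if f"{C2_HOST}:{C2_PORT}".encode() in blob:
        found.append("c2")
    if AUTH_VALUE.encode() in blob:
        found.append("auth_value")
    return found


def suricata_rule(sid: int) -> str:
    """Emit a Suricata rule alerting on outbound TCP traffic to the C2 endpoint."""
    return (
        f"alert tcp $HOME_NET any -> {C2_HOST} {C2_PORT} "
        f'(msg:"RedLine C2 botnet xmas (sample 221206-vvt6eage67)"; '
        f"flow:to_server; sid:{sid}; rev:1;)"
    )


# Constructed sample log lines; only the second one reaches the C2.
SAMPLE_LOG = [
    "2022-12-06T10:00:01Z 10.0.0.5:49810 -> 142.250.74.46:443 tcp",
    "2022-12-06T10:00:07Z 10.0.0.5:49812 -> 79.137.199.206:45354 tcp",
    "2022-12-06T10:00:09Z 10.0.0.7:50120 -> 79.137.199.206:80 tcp",
    "malformed line that should be skipped",
]

if __name__ == "__main__":
    print("hashes of empty input:", hash_bytes(b""))
    print("C2 connections:", find_c2_connections(SAMPLE_LOG))
    print(suricata_rule(9000001))
```

The hash check is exact-match only; the SSDEEP value from the report is the one to use for fuzzy matching against repacked builds, which needs the ssdeep library and is deliberately left out here.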