General
-
Target
setup_1672269576.7470105.exe
-
Size
741.9MB
-
Sample
221229-a2pjaaca83
-
MD5
c2dbf7d8557eec0f260ba9d846edff99
-
SHA1
7cd3035f2b43d4a2a24e72d8019d9d3caa6a3920
-
SHA256
b1963e0039867cc0186325bd199ab5d26a38e8099784c7e7255d0fe38e42ac52
-
SHA512
5886b2ba22e509c7268750e656e7fafb16bd5c05b544185326b817abbdb2d8e1bb389ce10155f74557e1d365f9e67d3fed71c56d9b539a179a67f2440f27275a
-
SSDEEP
6144:a5YUA8cX4JrpYBzI2YsoUmpdIfIX1r0877TsT:sv2YImpGo1r0E0T
Static task
static1
Behavioral task
behavioral1
Sample
setup_1672269576.7470105.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
setup_1672269576.7470105.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
1086881322_99
sevenways.top:3306
sevenways.top:28786
-
auth_value
c7b4b3ad5c912786e8dea8b34a307b0d
Targets
-
-
Target
setup_1672269576.7470105.exe
-
Size
741.9MB
-
MD5
c2dbf7d8557eec0f260ba9d846edff99
-
SHA1
7cd3035f2b43d4a2a24e72d8019d9d3caa6a3920
-
SHA256
b1963e0039867cc0186325bd199ab5d26a38e8099784c7e7255d0fe38e42ac52
-
SHA512
5886b2ba22e509c7268750e656e7fafb16bd5c05b544185326b817abbdb2d8e1bb389ce10155f74557e1d365f9e67d3fed71c56d9b539a179a67f2440f27275a
-
SSDEEP
6144:a5YUA8cX4JrpYBzI2YsoUmpdIfIX1r0877TsT:sv2YImpGo1r0E0T
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-