General
Target: d434a19741b7854ed6c3f8f4a35bfbd0400516abc2a3b6297835df01a8b660cb
Size: 239KB
Sample: 230116-pcnm1sae9t
MD5: c13f79f3a549175a175e82bb335a7d08
SHA1: fed1581184a575f662b234a1572b3e0a247207a8
SHA256: d434a19741b7854ed6c3f8f4a35bfbd0400516abc2a3b6297835df01a8b660cb
SHA512: edefd04db56d108543419e8baaf30df992108412275458568206cf8554ab098204bc536ca895f6fad5f04389e687951edb334e2467905f6aa90a471560f967cc
SSDEEP: 3072:kN+eckJ9E6A98QECSMHUCeDCDrD/9k6tSdtRqjtUy6XxTpfQ3Emxby1rrrrrrrrI:ockJ9zA98/0HO4tWvYsAl6rrrrrrrrI
Static task: static1
Behavioral task: behavioral1
Sample: d434a19741b7854ed6c3f8f4a35bfbd0400516abc2a3b6297835df01a8b660cb.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted: redline
1
C2: librchichelpai.shop:81
C2: rniwondunuifac.shop:81
auth_value: b6c86adb7106e9ee7247628f59e06830
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext