General
Target: 802bd614cedfd9dc9bee28bc6d3a45e8.exe
Size: 2.1MB
Sample: 230121-dwxt9aad96
MD5: 802bd614cedfd9dc9bee28bc6d3a45e8
SHA1: 3c750bf34a87f59a26d46a05e174b7609ea38e62
SHA256: 4c7246951166a11ba0ed2577de2949f1226b606d1c9a64e4a063e84e2e1def1e
SHA512: 2b0ca049bdc3cbd8cdd256c3e9a52d68b8eb9022209fd4cdea2fb09a694c14ffc853b38c4194fef532e64586f686818e4ec6a5cd7cfa6f2e392186d1f2bb72ee
SSDEEP: 6144:6foea8KXZ29zmDrQ/fzX5BzML0trXSnMwIOb3IWOdn13:6dbMsUwBWSrXSnMwIyd213
Static task: static1
Behavioral task: behavioral1
  Sample: 802bd614cedfd9dc9bee28bc6d3a45e8.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 802bd614cedfd9dc9bee28bc6d3a45e8.exe
  Resource: win10v2004-20221111-en
Malware Config
Extracted
Family: redline
13
C2: 194.87.199.66:8644
auth_value: fda50e7057988ab2816c22a840c24dab
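The extracted configuration gives two things a responder can act on immediately: the C2 endpoint (194.87.199.66:8644) and the file hashes. The script below is an added example, not part of the sandbox report, showing how those indicators are typically put to work: it scans connection records for traffic to the C2 host (flagging the exact host:port as high severity and the same host on any other port as medium, since stealer C2 ports get rotated) and checks whether a given file's digests match the reported sample. The six-field record layout and the log lines themselves are constructed for this example, not taken from the report.

```python
import hashlib
from dataclasses import dataclass

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "802bd614cedfd9dc9bee28bc6d3a45e8",
    "sha1": "3c750bf34a87f59a26d46a05e174b7609ea38e62",
    "sha256": "4c7246951166a11ba0ed2577de2949f1226b606d1c9a64e4a063e84e2e1def1e",
}
C2_HOST = "194.87.199.66"
C2_PORT = 8644


@dataclass(frozen=True)
class Hit:
    line_no: int
    severity: str  # "high" = exact C2 host:port, "medium" = C2 host on another port
    line: str


def scan_conn_log(lines):
    """Scan whitespace-separated connection records and return C2 hits.

    Assumed (hypothetical) record layout, one connection per line:
        ts src_ip src_port dst_ip dst_port proto
    Records that do not have exactly six fields, or a non-numeric port,
    are skipped so one malformed line cannot abort the whole scan.
    """
    hits = []
    for n, raw in enumerate(lines, start=1):
        fields = raw.split()
        if len(fields) != 6:
            continue
        _ts, _src_ip, _src_port, dst_ip, dst_port, _proto = fields
        if dst_ip != C2_HOST:
            continue
        try:
            port = int(dst_port)
        except ValueError:
            continue
        severity = "high" if port == C2_PORT else "medium"
        hits.append(Hit(n, severity, raw))
    return hits


def hash_matches(data):
    """Return the names of report hashes that match `data` (empty list if none)."""
    digests = {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }
    return [name for name, value in SAMPLE_HASHES.items() if digests[name] == value]


# Constructed sample records (not from the report) so the script runs stand-alone.
SAMPLE_LOG = [
    "1674300001.1 10.0.0.7 49211 142.250.72.14 443 tcp",
    "1674300002.5 10.0.0.7 49213 194.87.199.66 8644 tcp",
    "1674300003.0 10.0.0.9 51120 194.87.199.66 80 tcp",
    "malformed line",
]

if __name__ == "__main__":
    for hit in scan_conn_log(SAMPLE_LOG):
        print(f"line {hit.line_no} [{hit.severity}]: {hit.line}")
    print("hash matches for dummy bytes:", hash_matches(b"not the sample"))
```

Matching on the host alone (the medium-severity case) is deliberate: the auth_value and port in a RedLine config are per-build, so a second build pointed at the same server would otherwise be missed. Swap `SAMPLE_LOG` for lines read from a real Zeek or firewall export with the same field order, and feed `hash_matches` the bytes of any executable you want to compare against this sample.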
Targets
Target: 802bd614cedfd9dc9bee28bc6d3a45e8.exe
Size: 2.1MB (MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Score: 10/10
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext (commonly seen when a payload is injected into a suspended process, as in process hollowing)