General
Target: 5331428611e6a398284611837de8d995d012abbc444f69acfdfb370ef6655f88
Size: 3.7MB
Sample: 230124-mr9spaca8v
MD5: c45975c51ac3505646133f98f1c62bca
SHA1: 47380c1e4c08ea9d3a80c849e18d4af5c79753e3
SHA256: 5331428611e6a398284611837de8d995d012abbc444f69acfdfb370ef6655f88
SHA512: fa8a3642cd9c0df1695947ba8016afd688f432d12075f33138a1015ed3e1767a36ae604d2b6e8f115497df0645bd70bc03f8fe22379dc9c454cba0d8440edb8e
SSDEEP: 98304:l5V+XL/9v+YT5sUZI3VX6L9Ji5R3RsuznwhxkiC:bQb9v+m5aVy9Jixsu0xK
Static task: static1
Behavioral task: behavioral1
Sample: 5331428611e6a398284611837de8d995d012abbc444f69acfdfb370ef6655f88.exe
Resource: win10v2004-20220812-en
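Before acting on this report, confirm that the file in hand is the one it describes by recomputing the digests and requiring all four to agree. The Python below is an added example written for this page, not part of the sandbox report or its tooling; the digest values are copied from the General block above, while the file path and the byte strings used in the checks are constructed placeholders. SSDEEP is not in the standard library and is left out here (the third-party `ssdeep` package provides `ssdeep.hash_from_file` and `ssdeep.compare` if fuzzy matching against the SSDEEP value is wanted).

```python
import hashlib
from typing import Dict, Iterable

# Digests for the analysed sample, copied from the report.
REPORTED_HASHES: Dict[str, str] = {
    "md5": "c45975c51ac3505646133f98f1c62bca",
    "sha1": "47380c1e4c08ea9d3a80c849e18d4af5c79753e3",
    "sha256": "5331428611e6a398284611837de8d995d012abbc444f69acfdfb370ef6655f88",
    "sha512": "fa8a3642cd9c0df1695947ba8016afd688f432d12075f33138a1015ed3e1767a36ae604d2b6e8f115497df0645bd70bc03f8fe22379dc9c454cba0d8440edb8e",
}


def hash_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Compute every digest named in REPORTED_HASHES in a single pass over the data."""
    hashers = {name: hashlib.new(name) for name in REPORTED_HASHES}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Convenience wrapper for in-memory data (used by the checks below)."""
    return hash_chunks([data])


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream the file in chunks so a multi-megabyte sample is never read into memory at once."""
    def chunks():
        with open(path, "rb") as fh:
            while True:
                buf = fh.read(chunk_size)
                if not buf:
                    return
                yield buf
    return hash_chunks(chunks())


def compare_with_report(computed: Dict[str, str],
                        reported: Dict[str, str] = REPORTED_HASHES) -> Dict[str, bool]:
    """Per-algorithm verdict. Hex case is normalised because reports differ in it."""
    return {name: computed.get(name, "").lower() == digest.lower()
            for name, digest in reported.items()}


def is_reported_sample(computed: Dict[str, str],
                       reported: Dict[str, str] = REPORTED_HASHES) -> bool:
    """Accept only when every digest agrees. A partial match means a transcription error
    in the report or a different file, and should be investigated rather than trusted."""
    return all(compare_with_report(computed, reported).values())


if __name__ == "__main__":
    import sys
    # Hypothetical path: pass the file to check as the first argument.
    path = sys.argv[1] if len(sys.argv) > 1 else "sample.exe"
    verdict = compare_with_report(hash_file(path))
    for name, ok in verdict.items():
        print(f"{name:6} {'match' if ok else 'MISMATCH'}")
    print("sample matches report:", all(verdict.values()))
```

Run it as `python check_sample.py <file>`; the hypothetical default file name is only a placeholder. Requiring all four digests to match catches the common mistake of pasting one hash from a different report line.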
Malware Config
Extracted
Family: redline
Botnet: st1
C2: librchichelpai.shop:81
C2: rniwondunuifac.shop:81
auth_value: a7232a45d6034ee2454fc434093d8f12
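The two C2 host:port entries are the most actionable indicators on this page. The Python below is an added example, not part of the sandbox report, that turns them into a matcher and runs it over a few constructed DNS and connection log lines in a hypothetical key=value format (no real telemetry). It flags the exact host and any subdomain of it, rejects a look-alike that merely ends in the same characters, and reports an "endpoint" hit when the destination port also equals the configured port 81 rather than only a "domain" hit.

```python
import re
from typing import List, Tuple

# C2 endpoints exactly as extracted in the report's Malware Config section.
C2_ENDPOINTS = ["librchichelpai.shop:81", "rniwondunuifac.shop:81"]

# Constructed log lines in a hypothetical format; not taken from any real sensor.
# Line 4 is a deliberate near-miss: a different domain that ends with the same characters.
SAMPLE_LOG = [
    "2023-01-24T10:15:01Z dns host=ws-042 qname=librchichelpai.shop qtype=A",
    "2023-01-24T10:15:01Z dns host=ws-042 qname=www.microsoft.com qtype=A",
    "2023-01-24T10:15:02Z conn host=ws-042 dst=rniwondunuifac.shop:81 proto=tcp bytes_out=4812",
    "2023-01-24T10:16:40Z dns host=ws-017 qname=notlibrchichelpai.shop qtype=A",
    "2023-01-24T10:17:03Z conn host=ws-017 dst=10.0.0.5:81 proto=tcp bytes_out=120",
]

# A host name, optionally followed by ":port". The final label must be alphabetic,
# so bare IPv4 literals such as 10.0.0.5 are not picked up as names.
HOSTPORT_RE = re.compile(r"([A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)*\.[A-Za-z]{2,})(?::(\d{1,5}))?")


def parse_endpoints(entries: List[str]) -> List[Tuple[str, int]]:
    """Split 'host:port' strings into (host, port) pairs with a normalised host."""
    parsed = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep:
            raise ValueError(f"expected host:port, got {entry!r}")
        parsed.append((host.lower().rstrip("."), int(port)))
    return parsed


def domain_matches(name: str, c2_host: str) -> bool:
    """True for the C2 host itself or any subdomain of it. A longer name that only
    ends in the same characters (notlibrchichelpai.shop) must not match."""
    name = name.lower().rstrip(".")
    return name == c2_host or name.endswith("." + c2_host)


def scan_lines(lines: List[str], endpoints: List[Tuple[str, int]]) -> List[Tuple[int, str, str]]:
    """Return (line_number, c2_host, kind) for each line referencing a C2 host.
    kind is 'endpoint' when the port following the host equals the configured one,
    otherwise 'domain' (e.g. a DNS lookup, where no port is present)."""
    hits = []
    for number, line in enumerate(lines, start=1):
        for name, port in HOSTPORT_RE.findall(line):
            for c2_host, c2_port in endpoints:
                if domain_matches(name, c2_host):
                    kind = "endpoint" if port and int(port) == c2_port else "domain"
                    hits.append((number, c2_host, kind))
                    break
    return hits


if __name__ == "__main__":
    for number, host, kind in scan_lines(SAMPLE_LOG, parse_endpoints(C2_ENDPOINTS)):
        print(f"line {number}: {kind} match on {host}")
```

The suffix check is the part most often got wrong in hurried IOC sweeps: matching with a plain `endswith("librchichelpai.shop")` would also fire on the unrelated `notlibrchichelpai.shop`, so the comparison requires either equality or a preceding dot.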
Targets
Target: 5331428611e6a398284611837de8d995d012abbc444f69acfdfb370ef6655f88
Score: 10/10
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020; it collects browser-saved credentials, cookies, cryptocurrency wallet files and similar data, which is consistent with the behaviours listed for this sample.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
SetThreadContext is the call that redirects a (usually suspended) thread to code the caller has written into its process, the final step of process hollowing and related injection. For a packed stealer this makes it likely that the RedLine payload runs inside another process, so the unpacked binary and the live C2 configuration should be sought in that process's memory rather than only in this 3.7MB file on disk.