General
-
Target
5fee060bb26c37da4d1205d84d457ed8513e59987a41a0ad094451f4ff14e4d8
-
Size
1.4MB
-
Sample
230125-aac16sfh5x
-
MD5
58768775fb249bfb2aa735b56d3a1fec
-
SHA1
efcede7f10c967a247d00f88404101475158f161
-
SHA256
5fee060bb26c37da4d1205d84d457ed8513e59987a41a0ad094451f4ff14e4d8
-
SHA512
21557d094db1a34ef105fae71c890002df6367d57d72a55c0ebe6b05479d9433e1d3d2d54530c21c3b303e720acc6aed7368de79fb75c457ea2189db8b08ec33
-
SSDEEP
24576:SeUtDZymgB2iuW3dBTn1H+OuznaXlEiSoMgFLo3dDGe02VWr2lHMhxqqipo:pUbCoKdBT1eOuzaXlEi8uX57sHMIq/
Static task
static1
Behavioral task
behavioral1
Sample
5fee060bb26c37da4d1205d84d457ed8513e59987a41a0ad094451f4ff14e4d8.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
TORRENTOLD
amrican-sport-live-stream.cc:4581
-
auth_value
74e1b58bf920611f04c0e3919954fe05
Targets
Target
5fee060bb26c37da4d1205d84d457ed8513e59987a41a0ad094451f4ff14e4d8
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-