General
Target: 4bed6caa012263d6127c6f33e9bc8fe327198f63452d0fac956b361bb6d578c5
Size: 285KB
Sample: 230328-mm35caad99
MD5: 8f6d73ff83b4d87e2a35419996d2303f
SHA1: 2a97c857a9ec00d386a1151d55d263afb3915d26
SHA256: 4bed6caa012263d6127c6f33e9bc8fe327198f63452d0fac956b361bb6d578c5
SHA512: 0a2896abd039ec7ad5abc73cb693e480dc96ee9caa6db9f6faf5e4486a854fd915c94ad09670014b94ebd0d66820fcbf39aff44d70156d5b8a56cb4f977f0581
SSDEEP: 6144:pfUwOIEK84WQsykAeYIkAeYUaMImg8C0QuaZ1AntQQAA7B2RV+13R:pfUwOIEK84WQsykAeYIkAeYUaMImg8Co
Static task: static1
Behavioral task: behavioral1
Sample: 4bed6caa012263d6127c6f33e9bc8fe327198f63452d0fac956b361bb6d578c5.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted: redline
135.181.173.163:4324
auth_value: a909e2aaecf96137978fea4f86400b9b
Targets
Target: 4bed6caa012263d6127c6f33e9bc8fe327198f63452d0fac956b361bb6d578c5
Size: 285KB
MD5: 8f6d73ff83b4d87e2a35419996d2303f
SHA1: 2a97c857a9ec00d386a1151d55d263afb3915d26
SHA256: 4bed6caa012263d6127c6f33e9bc8fe327198f63452d0fac956b361bb6d578c5
SHA512: 0a2896abd039ec7ad5abc73cb693e480dc96ee9caa6db9f6faf5e4486a854fd915c94ad09670014b94ebd0d66820fcbf39aff44d70156d5b8a56cb4f977f0581
SSDEEP: 6144:pfUwOIEK84WQsykAeYIkAeYUaMImg8C0QuaZ1AntQQAA7B2RV+13R:pfUwOIEK84WQsykAeYIkAeYUaMImg8Co
Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext