General
-
Target
file.exe
-
Size
1.3MB
-
Sample
230427-jcykbsed45
-
MD5
c9fc671394f808838d4c748a1c12f08b
-
SHA1
51baaa7ba4a3ef8a550a43bc5f251d8edf4757c3
-
SHA256
31f6dc2489aabbce556c7d27e1cc4e752acef6661d810b8863a130f9b65e66c7
-
SHA512
4330881077eb71081f37a915ea85667c387917f412b8b2fea0189159204801ec05fa3497f7f535028938c909623f6b45a5e35194e5e3cfc5643ef145571e756f
-
SSDEEP
12288:LroPentg4fY0pnjGv3zJzaOFKbi/qg5KZ:fCUg4uz5vF8iygAZ
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
special
176.123.9.142:14845
-
auth_value
bb28ee957fad348ef1dfce97134849bc
Targets
-
-
Target
file.exe
-
Size
1.3MB
-
MD5
c9fc671394f808838d4c748a1c12f08b
-
SHA1
51baaa7ba4a3ef8a550a43bc5f251d8edf4757c3
-
SHA256
31f6dc2489aabbce556c7d27e1cc4e752acef6661d810b8863a130f9b65e66c7
-
SHA512
4330881077eb71081f37a915ea85667c387917f412b8b2fea0189159204801ec05fa3497f7f535028938c909623f6b45a5e35194e5e3cfc5643ef145571e756f
-
SSDEEP
12288:LroPentg4fY0pnjGv3zJzaOFKbi/qg5KZ:fCUg4uz5vF8iygAZ
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-