General
Target: ModestMenuKiddions.rar
Size: 3.2MB
Sample: 230515-y4mpgafg2v
MD5: 746a0c8b3a8e10687b9df13d9c6e2ceb
SHA1: bcfb832d353b264a5748ea8e7b1270c0d19fee14
SHA256: 9db15c95199ed68863e8d8d3dda450aa3f65fb004fb88d41ece74e7615074a68
SHA512: c8a7d69b3b176c8de8ad86a72aeee5041251fd75d8126919a6c20547372fa92a581dc0cec4ebf181c22a47e2360892026ad3d1df44b9525b0080799546981c66
SSDEEP: 98304:8kZMvJZeAGW4jGtiKVxftQePq8wcg1d/NjlI4Fauyrzn:RGBZ3Cj3KVxWBHm4guyrD
Static task: static1
Behavioral task: behavioral1
Sample: Kiddions/KiddionsModest.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: Kiddions/KiddionsModest.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
Family: redline
Botnet: @dxrkl0rd
C2: 45.15.156.170:43588
Attributes
auth_value: 9c8dd7353be7ed4b6832da21d8d0d902
Targets
Target: Kiddions/KiddionsModest.exe
Size: 476.8MB
MD5: e6d1550517cff7bd568fc6a35145390d
SHA1: cd0eaa64ada36aa05254220ed053f8c1d71a4341
SHA256: 10fe66c48781cbad9860ab9ed678091d95a629d2745b2686937e4334fa1d3400
SHA512: de1f44fa954a1812aeccc4295139cc7585c88b29240772d11dbc75a03460d1e8a2369b958fb056b92f607dd26c11abdea4ccb25c34773f5b7930da71d2900b79
SSDEEP: 6144:/inZpREVUCsshIz9S7VAOSBs6sy70044ZdNiMaW6jq:anZpOGshI4Vws6sq074ZLi
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
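The indicators above (the two SHA256 values and the extracted C2 45.15.156.170:43588) are the parts of this report a responder acts on, so the following is an added hunting script built from them; it is example code, not output of the sandbox and not code from the sample or its author. One detail of the report worth noting: the extracted executable is listed at 476.8MB while the archive that contains it is 3.2MB, a ratio that is characteristic of a binary inflated with NUL bytes to stay above upload limits of scanners and sandboxes. The script therefore also measures the trailing-NUL fraction of a local file. The Sysmon-style network-connection log lines, the padded test file, and the 0.5 padding threshold are constructed assumptions for the demonstration and do not come from the report.

```python
"""Hunting helpers built from the indicators in the report above.
Added example, not code from the sandbox or the sample's author.
Hashes and the C2 endpoint are copied from the report; the log lines,
their Sysmon-like layout, the padded test file and the padding threshold
are constructed assumptions for the demo."""
import hashlib
import os
import re
import tempfile

# Indicators taken directly from the report.
KNOWN_SHA256 = {
    "9db15c95199ed68863e8d8d3dda450aa3f65fb004fb88d41ece74e7615074a68": "ModestMenuKiddions.rar",
    "10fe66c48781cbad9860ab9ed678091d95a629d2745b2686937e4334fa1d3400": "Kiddions/KiddionsModest.exe",
}
C2_HOST, C2_PORT = "45.15.156.170", 43588

# Constructed log excerpt (assumption: Sysmon Event ID 3 fields flattened to one line).
SAMPLE_LOG = """\
Network connection detected: Image=C:\\Users\\bob\\Downloads\\Kiddions\\KiddionsModest.exe DestinationIp=45.15.156.170 DestinationPort=43588
Network connection detected: Image=C:\\Program Files\\Mozilla Firefox\\firefox.exe DestinationIp=142.250.74.46 DestinationPort=443
Network connection detected: Image=C:\\Windows\\System32\\svchost.exe DestinationIp=45.15.156.170 DestinationPort=80
"""
LOG_RE = re.compile(r"Image=(?P<image>.+?) DestinationIp=(?P<ip>\S+) DestinationPort=(?P<port>\d+)")


def sha256_of_file(path, chunk=1 << 20):
    """Stream the file so a padded multi-hundred-MB binary is not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def match_known_hash(path):
    """Return the report's name for the file if its SHA256 is a known indicator, else None."""
    return KNOWN_SHA256.get(sha256_of_file(path))


def find_c2_connections(log_text):
    """Split hits into exact ip:port matches and same-IP/other-port matches.
    The latter are weaker signals and are reported separately rather than dropped."""
    exact, ip_only = [], []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        ip, port = m["ip"], int(m["port"])
        if ip == C2_HOST and port == C2_PORT:
            exact.append(m["image"])
        elif ip == C2_HOST:
            ip_only.append((m["image"], port))
    return exact, ip_only


def trailing_zero_ratio(path, chunk=1 << 20):
    """Fraction of the file taken up by a run of NUL bytes at its end, read backwards
    in chunks. A 476.8MB executable that fits in a 3.2MB archive is what NUL inflation
    looks like; this measures it on a local copy without loading the whole file."""
    size = os.path.getsize(path)
    if size == 0:
        return 0.0
    zeros, pos = 0, size
    with open(path, "rb") as f:
        while pos > 0:
            step = min(chunk, pos)
            pos -= step
            f.seek(pos)
            block = f.read(step)
            stripped = block.rstrip(b"\x00")
            zeros += len(block) - len(stripped)
            if stripped:  # reached non-NUL data, the padding run ends here
                break
    return zeros / size


PADDING_THRESHOLD = 0.5  # assumption: flag files that are mostly trailing NULs


def demo():
    """Run every check on constructed inputs and return the results."""
    with tempfile.TemporaryDirectory() as d:
        padded = os.path.join(d, "padded.bin")
        with open(padded, "wb") as f:  # 1 KiB of fake code followed by 3 KiB of NULs
            f.write(b"MZ" + b"\x90" * 1022 + b"\x00" * 3072)
        abc = os.path.join(d, "abc.txt")
        with open(abc, "wb") as f:
            f.write(b"abc")
        ratio = trailing_zero_ratio(padded)
        inflated = ratio >= PADDING_THRESHOLD
        hit = match_known_hash(padded)  # None: the constructed file is not the sample
        abc_hash = sha256_of_file(abc)
    exact, ip_only = find_c2_connections(SAMPLE_LOG)
    return ratio, inflated, hit, abc_hash, exact, ip_only


if __name__ == "__main__":
    print(demo())
```

On the constructed inputs, demo() reports a trailing-NUL ratio of 0.75 for the padded file, no hash match (the file is not the sample), one exact C2 hit attributed to KiddionsModest.exe, and one same-IP hit on port 80 from svchost.exe that is listed separately so an analyst can decide whether it is related rather than having it silently dropped or counted as a confirmed hit.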