General
- Target: 79c4f2f2536f9c1b22a4abfe8d8ce14c35cfc6ecdf7c2113fd9b5f163fdb60fb
- Size: 308KB
- Sample: 230608-r15bsagb25
- MD5: 5e7d5478670dd9951da9d56be9c3174a
- SHA1: 1aae6890600860240fb7001241e1a0d08ec6ec5b
- SHA256: 79c4f2f2536f9c1b22a4abfe8d8ce14c35cfc6ecdf7c2113fd9b5f163fdb60fb
- SHA512: eddc8210eb56cbe401e1badd152b2ee7b4f97740b85b302fc19cfed2349a5df9f650f33ad7dbcccd07255092ab8c3775daebcfe06cc95d4413ce3b7c5f7b776c
- SSDEEP: 6144:VJieURFHj6XwvTygXUNVS4MGh1aBFrvz1xcxcVt7PN:VJIRxxyR1aBFrvz1xcxy7PN
Tasks
- Static task: static1
- Behavioral task: behavioral1
- Sample: 79c4f2f2536f9c1b22a4abfe8d8ce14c35cfc6ecdf7c2113fd9b5f163fdb60fb.exe
- Resource: win10v2004-20230220-en
Malware Config
Extracted: redline
- sheron
- 83.97.73.129:19068
- auth_value: 2d067e7e2372227d3a03b335260112e9
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext