General
- Target: fef8bde9ee65ca6ddb86b4384612640b6f1fdab7f9c48e79090e372f9dba472c
- Size: 308KB
- Sample: 230608-r2vhzagh2v
- MD5: 8397b3706e5caf6059b5d776551bc012
- SHA1: 639dd4af6a457b90450d602adffc5f9bf06ab393
- SHA256: fef8bde9ee65ca6ddb86b4384612640b6f1fdab7f9c48e79090e372f9dba472c
- SHA512: 1dc0f55ed4c97d9d82ab045e5c29d17e79cd36cd64f387f568367bda139f70d06c7277fb09c2ec3a56b1509bc1925d0db21a694e073e12f95be94190bb8f8ebb
- SSDEEP: 6144:VJieURFHj6XwvTygXUNVS4MGh1aBFrvz1xcxcVt7P:VJIRxxyR1aBFrvz1xcxy7P
Static task: static1
Behavioral task: behavioral1
- Sample: fef8bde9ee65ca6ddb86b4384612640b6f1fdab7f9c48e79090e372f9dba472c.exe
- Resource: win10v2004-20230220-en
Malware Config
Extracted
- Family: redline
- Botnet: sheron
- C2: 83.97.73.129:19068
- auth_value: 2d067e7e2372227d3a03b335260112e9
Targets
- Target: fef8bde9ee65ca6ddb86b4384612640b6f1fdab7f9c48e79090e372f9dba472c
- Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext