General

Target: 5ab9ec7c1d9f7e184270d1f0432274996f8238ccc837dd5a14123dc6f8f0c20a
Size: 308KB
Sample: 230608-r42easgb55
MD5: fd0cfc18adb947afe38b93c9614db1bd
SHA1: 1a8b2c1811ca231e2ce79b9c20425ff2de102928
SHA256: 5ab9ec7c1d9f7e184270d1f0432274996f8238ccc837dd5a14123dc6f8f0c20a
SHA512: 9490836923fb189e23e15b2e1adb6e058faccb4c6c80488164d125714419861958b2e3b550f59dc126433e61f053694a4fd084126ae4b2f9f28e14eb8fc7d231
SSDEEP: 6144:/JieERFHLXwvTygXUNVS4MGh1aBFrvz1xcxcVt5PN:/JYR2yR1aBFrvz1xcxy5PN
Static task: static1
Behavioral task: behavioral1
Sample: 5ab9ec7c1d9f7e184270d1f0432274996f8238ccc837dd5a14123dc6f8f0c20a.exe
Resource: win10v2004-20230220-en
Malware Config

Extracted
Family: redline
Botnet: sheron
C2: 83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
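The extracted config gives two kinds of indicator worth operationalising: the sample's file hashes and the C2 endpoint 83.97.73.129:19068. The following is an added example, not part of the sandbox report and not RedLine's own code, that turns those indicators into an offline check. The Zeek-style conn.log excerpt and its tab-separated field order are constructed for the example and are an assumption; only the hashes and the C2 address come from the report.

```python
"""Offline IOC check for the RedLine sample described in the report.

Added example; the log excerpt below is constructed, not captured.
Assumed field order (tab-separated, Zeek conn.log style):
    id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto
"""
import hashlib
from typing import Dict, Iterable, List, Tuple

# Indicators taken from the report.
IOC_MD5 = "fd0cfc18adb947afe38b93c9614db1bd"
IOC_SHA1 = "1a8b2c1811ca231e2ce79b9c20425ff2de102928"
IOC_SHA256 = "5ab9ec7c1d9f7e184270d1f0432274996f8238ccc837dd5a14123dc6f8f0c20a"
C2_HOST = "83.97.73.129"
C2_PORT = 19068


def file_hashes(data: bytes) -> Dict[str, str]:
    """Compute the same digests the report lists, over an in-memory buffer."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_sample(data: bytes) -> bool:
    """True if the buffer is the reported sample under any of its listed hashes."""
    h = file_hashes(data)
    return h["sha256"] == IOC_SHA256 or h["sha1"] == IOC_SHA1 or h["md5"] == IOC_MD5


def c2_hits(lines: Iterable[str]) -> List[Tuple[str, str, int, str]]:
    """Scan conn.log lines for traffic to the extracted C2.

    Returns (src_ip, dst_ip, dst_port, confidence). An exact host:port match
    is "high"; a match on the host alone is "medium", because the same IP
    may serve unrelated tenants or a different RedLine panel port.
    """
    hits = []
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue  # skip Zeek header/comment lines
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 5:
            continue  # malformed record; ignore rather than crash
        src, _sport, dst, dport, _proto = fields[:5]
        try:
            dport_i = int(dport)
        except ValueError:
            continue
        if dst != C2_HOST:
            continue
        confidence = "high" if dport_i == C2_PORT else "medium"
        hits.append((src, dst, dport_i, confidence))
    return hits


# Constructed sample log (assumption: not from the report or any real capture).
SAMPLE_CONN_LOG = (
    "#fields\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\n"
    "10.0.0.15\t49811\t83.97.73.129\t19068\ttcp\n"
    "10.0.0.15\t49812\t142.250.74.78\t443\ttcp\n"
    "10.0.0.22\t51020\t83.97.73.129\t80\ttcp\n"
)

if __name__ == "__main__":
    for hit in c2_hits(SAMPLE_CONN_LOG.splitlines()):
        print("C2 contact:", hit)
    print("hash match on dummy buffer:", matches_sample(b"benign content"))
```

Hash matching is exact-match only; it will not catch a recompiled or repacked build, which is why the report also lists an SSDEEP fuzzy hash and why the C2 endpoint is usually the more durable indicator.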
Targets

Target: 5ab9ec7c1d9f7e184270d1f0432274996f8238ccc837dd5a14123dc6f8f0c20a
Size: 308KB
(MD5, SHA1, SHA256, SHA512 and SSDEEP are the same values listed under General.)
Score: 10/10

Signatures:
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext: this API is typically called when a loader hollows a suspended process and points its main thread at injected code, so the stealer payload likely runs inside a different process than the dropped .exe.