General
-
Target
8da0dc8b3d8187e8ee9e27f32d899b98dbf5e7aa36da1864c37d7ff6b92fc222
-
Size
308KB
-
Sample
230608-rjmqeafh95
-
MD5
9be7a63b76bb7b07ac9a964572af5cb8
-
SHA1
583e73a6b31be67d86ddc4412da34ce7afcb1db3
-
SHA256
8da0dc8b3d8187e8ee9e27f32d899b98dbf5e7aa36da1864c37d7ff6b92fc222
-
SHA512
4f6584978e7c04e9e145c791f1f810d310650cdc894a0a735de9b23cc594667e8efe38e2ac361e2ded652a57dde3dabb6660713ca058acc369f0347360c66c4e
-
SSDEEP
6144:FJie0RFHCXwvTygXUNVS4MGh1aBFrvz1xcxcVtDPN:FJoRDyR1aBFrvz1xcxyDPN
Static task
static1
Behavioral task
behavioral1
Sample
8da0dc8b3d8187e8ee9e27f32d899b98dbf5e7aa36da1864c37d7ff6b92fc222.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
8da0dc8b3d8187e8ee9e27f32d899b98dbf5e7aa36da1864c37d7ff6b92fc222
-
Size
308KB
-
MD5
9be7a63b76bb7b07ac9a964572af5cb8
-
SHA1
583e73a6b31be67d86ddc4412da34ce7afcb1db3
-
SHA256
8da0dc8b3d8187e8ee9e27f32d899b98dbf5e7aa36da1864c37d7ff6b92fc222
-
SHA512
4f6584978e7c04e9e145c791f1f810d310650cdc894a0a735de9b23cc594667e8efe38e2ac361e2ded652a57dde3dabb6660713ca058acc369f0347360c66c4e
-
SSDEEP
6144:FJie0RFHCXwvTygXUNVS4MGh1aBFrvz1xcxcVtDPN:FJoRDyR1aBFrvz1xcxyDPN
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-