General
Target: b3f7cd565f85a94286ceafb7ce1644e68d59b4dfa5a0a94cf2961fceeffc9479
Size: 308KB
Sample: 230608-rqtsasga57
MD5: 97a60da1a41d022287b9368f3719779e
SHA1: 5bba3c690af53172640f5d9de0ea2bc7f47e9d6e
SHA256: b3f7cd565f85a94286ceafb7ce1644e68d59b4dfa5a0a94cf2961fceeffc9479
SHA512: 263b2d4eee94f92f500dd9a33d77b5362ee3d542a016f4ca96b4b681c253e833e20b6cb174847656714e2948600cf5e7980358255188997a7a124554c6bfa06b
SSDEEP: 6144:CJieURFHdDXwvTygXUNVS4MGh1aBFrvz1xcxcVtqPf:CJIR0yR1aBFrvz1xcxyqPf
Static task: static1
Behavioral task: behavioral1
Sample: b3f7cd565f85a94286ceafb7ce1644e68d59b4dfa5a0a94cf2961fceeffc9479.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted: redline
Botnet: sheron
C2: 83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
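The report above is a flattened key/value dump, and the extracted config is the part worth pulling into a blocklist or threat-intel feed. The following parser is an added example, not the sandbox vendor's code: it reads an excerpt of this page's own text, cross-checks the hashes (lengths, hex, Target equals SHA256), validates the ssdeep block size and the C2 endpoint, and emits flat IOC records. The function names, record layout and checks are this example's assumptions.

```python
"""Parse the flattened sandbox report on this page into IOC records and
sanity-check it before ingestion. Added example, not the vendor's code:
REPORT is an excerpt copied from the page; names and checks are assumed."""
import re

# Excerpt as extracted from the page: key on one line, value on the next,
# "-" between entries; family, botnet and C2 follow "Extracted" directly.
REPORT = """Target
b3f7cd565f85a94286ceafb7ce1644e68d59b4dfa5a0a94cf2961fceeffc9479
-
MD5
97a60da1a41d022287b9368f3719779e
-
SHA1
5bba3c690af53172640f5d9de0ea2bc7f47e9d6e
-
SHA256
b3f7cd565f85a94286ceafb7ce1644e68d59b4dfa5a0a94cf2961fceeffc9479
-
SHA512
263b2d4eee94f92f500dd9a33d77b5362ee3d542a016f4ca96b4b681c253e833e20b6cb174847656714e2948600cf5e7980358255188997a7a124554c6bfa06b
-
SSDEEP
6144:CJieURFHdDXwvTygXUNVS4MGh1aBFrvz1xcxcVtqPf:CJIR0yR1aBFrvz1xcxyqPf
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

def value_after(key, text, pattern=r"\S+"):
    """Return the line that follows the first line equal to `key`, or None."""
    m = re.search(rf"^{re.escape(key)}\n({pattern})$", text, re.M)
    return m.group(1) if m else None

def parse_hashes(text):
    """First occurrence of each digest key, normalised to lowercase hex."""
    hashes = {}
    for algo in HASH_LEN:
        digest = value_after(algo, text)
        if digest:
            hashes[algo] = digest.lower()
    return hashes

def validate_hashes(hashes, target):
    """Flag malformed digests and a Target that is not the SHA256 (the report names the sample by SHA256)."""
    problems = []
    for algo, digest in hashes.items():
        if len(digest) != HASH_LEN[algo] or not re.fullmatch(r"[0-9a-f]+", digest):
            problems.append(f"{algo}: malformed digest {digest!r}")
    if target is None or hashes.get("SHA256") != target:
        problems.append("Target does not match SHA256")
    return problems

def parse_ssdeep(text):
    """Split 'blocksize:chunk:double_chunk'; ssdeep block sizes are always 3*2^n."""
    sig = value_after("SSDEEP", text)
    if not sig:
        return None
    bs, chunk, dchunk = sig.split(":")
    n = int(bs) // 3
    if int(bs) % 3 or n & (n - 1):
        raise ValueError(f"implausible ssdeep block size {bs}")
    return {"blocksize": int(bs), "chunk": chunk, "double_chunk": dchunk}

def parse_redline_config(text):
    """Family, botnet and C2 host:port follow 'Extracted' on consecutive
    lines; auth_value is its own key. Rejects impossible endpoints."""
    m = re.search(r"^Extracted\n(\w+)\n(\S+)\n(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$",
                  text, re.M)
    if not m:
        return None
    host, port = m.group(3), int(m.group(4))
    if not 0 < port < 65536 or any(int(o) > 255 for o in host.split(".")):
        raise ValueError(f"bad C2 endpoint {host}:{port}")
    return {"family": m.group(1), "botnet": m.group(2), "c2_host": host,
            "c2_port": port,
            "auth_value": value_after("auth_value", text, r"[0-9a-f]{32}")}

def iocs(text):
    """Flatten the report into (type, value, context) records for a blocklist."""
    hashes = parse_hashes(text)
    problems = validate_hashes(hashes, value_after("Target", text))
    if problems:
        raise ValueError("; ".join(problems))
    records = [(algo, digest, "sample") for algo, digest in hashes.items()]
    cfg = parse_redline_config(text)
    if cfg:
        tag = f"{cfg['family']} botnet {cfg['botnet']}"
        records.append(("ip-port", f"{cfg['c2_host']}:{cfg['c2_port']}", f"{tag} C2"))
        if cfg["auth_value"]:
            records.append(("string", cfg["auth_value"], f"{tag} auth_value"))
    return records
```

Calling `iocs(REPORT)` yields the four digests, the C2 endpoint and the auth_value as separate records; the parser refuses the report outright if a digest is malformed or the Target line disagrees with the SHA256, which is the kind of copy error that otherwise ends up in a blocklist unnoticed.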
Targets
Target: b3f7cd565f85a94286ceafb7ce1644e68d59b4dfa5a0a94cf2961fceeffc9479 (308KB)
Score: 10/10
RedLine
RedLine Stealer is a .NET (C#) information stealer first seen in early 2020; it collects browser credentials, cookies, cryptocurrency wallet files and host details and reports them to the C2 in its extracted config.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext: the API is benign on its own (debuggers use it), but a loader that spawns a suspended process, writes a payload into it and then calls SetThreadContext before ResumeThread is performing process hollowing. The report does not name the target process, so confirm the sequence in the behavioral task's process tree before relying on this signature alone.
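The two signatures above are only meaningful in context: SetThreadContext matters when it is chained with a suspended child and a cross-process write, and wallet-file reads matter most when they come from the hollowed child rather than the original image. The detector below is an added example, not the sandbox's rule logic: it walks a constructed, simplified API trace (made-up pids, paths and sizes, not this sample's real run) and flags the hollowing sequence, the wallet access, and attributes the latter back to the loader. Event field names and the wallet path markers are this example's assumptions.

```python
"""Correlate an API trace into the two behaviours the report flags: process
hollowing via SetThreadContext and cryptocurrency wallet access. Added
example, not sandbox code; TRACE is constructed, not this sample's real run."""

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit as documented by Microsoft

# Constructed trace: pid 1000 is the loader, 2000 its suspended child,
# 3000 a debugger-like process calling SetThreadContext legitimately.
TRACE = [
    {"pid": 1000, "api": "CreateProcessW", "image": r"C:\example\host.exe",
     "flags": CREATE_SUSPENDED, "child_pid": 2000, "child_tid": 2001},
    {"pid": 1000, "api": "NtUnmapViewOfSection", "target_pid": 2000},
    {"pid": 1000, "api": "VirtualAllocEx", "target_pid": 2000, "size": 0x4d000},
    {"pid": 1000, "api": "WriteProcessMemory", "target_pid": 2000, "size": 0x4d000},
    {"pid": 1000, "api": "SetThreadContext", "target_tid": 2001},
    {"pid": 1000, "api": "ResumeThread", "target_tid": 2001},
    {"pid": 2000, "api": "CreateFileW",
     "path": r"C:\Users\u\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"pid": 2000, "api": "FindFirstFileW",
     "path": r"C:\Users\u\AppData\Roaming\Electrum\wallets\*"},
    {"pid": 2000, "api": "CreateFileW", "path": r"C:\Users\u\Documents\notes.txt"},
    {"pid": 3000, "api": "SetThreadContext", "target_tid": 4001},  # no prior injection
]

# Lowercase substrings of well-known wallet locations (assumed list).
WALLET_MARKERS = ("\\wallet.dat", "\\electrum\\wallets", "\\exodus\\",
                  "\\ethereum\\keystore")

def find_hollowing(trace):
    """Per suspended child: a write from the creating process, then
    SetThreadContext on the child's initial thread, then ResumeThread."""
    children, tid_to_pid, hits = {}, {}, []
    for ev in trace:
        api = ev["api"]
        if api == "CreateProcessW" and ev["flags"] & CREATE_SUSPENDED:
            children[ev["child_pid"]] = {"parent": ev["pid"], "image": ev["image"],
                                         "written": False, "ctx_set": False}
            tid_to_pid[ev["child_tid"]] = ev["child_pid"]
            continue
        cpid = ev.get("target_pid", tid_to_pid.get(ev.get("target_tid")))
        st = children.get(cpid)
        if st is None or st["parent"] != ev["pid"]:
            continue  # not aimed at a suspended child of the calling process
        if api == "WriteProcessMemory":
            st["written"] = True
        elif api == "SetThreadContext" and st["written"]:
            st["ctx_set"] = True
        elif api == "ResumeThread" and st["ctx_set"]:
            hits.append({"parent": ev["pid"], "child": cpid, "image": st["image"]})
    return hits

def find_wallet_access(trace):
    """File operations whose path contains a known wallet location."""
    return [(ev["pid"], ev["path"]) for ev in trace
            if ev["api"] in ("CreateFileW", "FindFirstFileW")
            and any(m in ev["path"].lower() for m in WALLET_MARKERS)]

def triage(trace):
    """Attribute wallet access by a hollowed child back to the loader that
    created it, so the verdict lands on the sample, not the host image."""
    hollow = find_hollowing(trace)
    child_to_parent = {h["child"]: h["parent"] for h in hollow}
    wallet = [{"pid": pid, "attributed_to": child_to_parent.get(pid, pid), "path": p}
              for pid, p in find_wallet_access(trace)]
    return {"process_hollowing": hollow, "wallet_access": wallet}
```

The lone SetThreadContext from pid 3000 never fires because no suspended child of that process was written to first, and dropping the WriteProcessMemory event from the loader's sequence also suppresses the hit; that ordering requirement is what separates the hollowing signature from ordinary debugger activity.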