General
Target: ed65b96368b266ac147d5ad9683bef4e28dc74b37e70f2c1d732964bfc8cae52
Size: 308KB
Sample: 230608-rsreysgg5y
MD5: 95f82a3813a23b1612306c0b635d73c8
SHA1: f224db4466b77db6851f0ec38a1b59ebd85b3a47
SHA256: ed65b96368b266ac147d5ad9683bef4e28dc74b37e70f2c1d732964bfc8cae52
SHA512: 67015680cc53f27304bc5c303496f22025ece259b0fbf46edaae27fcf67080e87b5cfda9ab7bf0d6fe8e4184785c642157d9bbd9d4fce766633d097398b7ccd1
SSDEEP: 6144:CJieURFHdDXwvTygXUNVS4MGh1aBFrvz1xcxcVtqP:CJIR0yR1aBFrvz1xcxyqP
Static task: static1
Behavioral task: behavioral1
Sample: ed65b96368b266ac147d5ad9683bef4e28dc74b37e70f2c1d732964bfc8cae52.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
Family: redline
Botnet: sheron
C2: 83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
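The extracted C2 endpoint and the file hashes above are the indicators a responder would sweep an estate for. The script below is an added example, not part of the sandbox report or of the tooling that produced it: it hashes files and reports which of the report's MD5/SHA1/SHA256 values they match, and it scans firewall-style connection log lines for contact with 83.97.73.129:19068. The log format, the internal 10.0.0.x hosts and the non-C2 destination in the embedded sample log are constructed for the demonstration and are not from the report.

```python
"""IOC sweep for the RedLine sample in this report (added example, not report tooling)."""
import hashlib
import re
import sys

# Indicators copied from the report above.
SAMPLE_SHA256 = "ed65b96368b266ac147d5ad9683bef4e28dc74b37e70f2c1d732964bfc8cae52"
SAMPLE_MD5 = "95f82a3813a23b1612306c0b635d73c8"
SAMPLE_SHA1 = "f224db4466b77db6851f0ec38a1b59ebd85b3a47"
C2_HOST = "83.97.73.129"
C2_PORT = 19068

# Constructed firewall-style log lines (assumed format; not taken from the report).
SAMPLE_FW_LOG = """\
2023-06-08 12:41:03 src=10.0.0.5:51234 dst=83.97.73.129:19068 proto=tcp action=allow
2023-06-08 12:41:05 src=10.0.0.5:51240 dst=93.184.216.34:443 proto=tcp action=allow
2023-06-08 12:41:09 src=10.0.0.7:49811 dst=83.97.73.129:19068 proto=tcp action=allow
2023-06-08 12:42:11 src=10.0.0.9:52001 dst=83.97.73.129:443 proto=tcp action=deny
"""

_LOG_RE = re.compile(
    r"^(?P<ts>\S+ \S+) src=(?P<src>[\d.]+):(?P<sport>\d+) "
    r"dst=(?P<dst>[\d.]+):(?P<dport>\d+) proto=(?P<proto>\w+) action=(?P<action>\w+)$"
)


def hashes_of_bytes(data: bytes) -> dict:
    """Lowercase hex MD5/SHA1/SHA256 of an in-memory blob."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def hashes_of_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in chunks so large files need not fit in memory."""
    digests = {"md5": hashlib.md5(), "sha1": hashlib.sha1(), "sha256": hashlib.sha256()}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def match_reported_sample(hashes: dict) -> list:
    """Names of the report's hashes that the given digests match, in the order
    md5, sha1, sha256. A full match is all three; a partial match almost always
    means a mistyped indicator and deserves a look rather than an automatic verdict."""
    reported = {"md5": SAMPLE_MD5, "sha1": SAMPLE_SHA1, "sha256": SAMPLE_SHA256}
    return [name for name, value in reported.items() if hashes.get(name) == value]


def find_c2_connections(log_text: str, host: str = C2_HOST, port=C2_PORT) -> list:
    """Parsed records whose destination is the C2. Pass port=None to count any
    port on the host, which catches a rotated port at the cost of more noise.
    Lines that do not parse are skipped so one bad line cannot abort the sweep."""
    hits = []
    for line in log_text.splitlines():
        m = _LOG_RE.match(line)
        if not m or m["dst"] != host:
            continue
        if port is not None and int(m["dport"]) != port:
            continue
        hits.append({"ts": m["ts"], "src": m["src"],
                     "dport": int(m["dport"]), "action": m["action"]})
    return hits


if __name__ == "__main__":
    # Usage: python ioc_sweep.py [file ...]  (file paths are hashed and compared)
    for path in sys.argv[1:]:
        matched = match_reported_sample(hashes_of_file(path))
        print(f"{path}: {'MATCH ' + ','.join(matched) if matched else 'no match'}")
    for hit in find_c2_connections(SAMPLE_FW_LOG):
        print(f"C2 contact {hit['ts']} from {hit['src']} -> "
              f"{C2_HOST}:{hit['dport']} ({hit['action']})")
```

The denied connection to port 443 on the C2 host is deliberately included in the constructed log: with the default exact host:port match it is not reported, while `find_c2_connections(SAMPLE_FW_LOG, port=None)` surfaces it, which is the trade-off to make when a RedLine panel is suspected of having moved ports.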
Targets
Target: ed65b96368b266ac147d5ad9683bef4e28dc74b37e70f2c1d732964bfc8cae52
Size: 308KB
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext (typically seen when a loader rewrites the entry point of a suspended child process to run an injected payload, i.e. process hollowing)