General
Target: c3ecbcca3940d22d8248545c9337ff4b33c26264d1d0e44448710737fe1b7a72
Size: 308KB
Sample: 230608-rtvh1agg51
MD5: f68ca7bd4bdd9a6154679f62038e1677
SHA1: 6ae27f235134acb34a7e9aaac34bf95676432886
SHA256: c3ecbcca3940d22d8248545c9337ff4b33c26264d1d0e44448710737fe1b7a72
SHA512: d11667d58e6b9c7a807cb7c89d0f19ebb10d6b7e2f0bc6ccf8b4f9df68d1b798e56d0130c494b0f24efa7c5e4c938bd0fef27b7c3498bb583adc509cb55da03a
SSDEEP: 6144:FJieERFHS2XwvTygXUNVS4MGh1aBFrvz1xcxcVtZPN:FJYRAVyR1aBFrvz1xcxyZPN

Static task: static1
Behavioral task: behavioral1
Sample: c3ecbcca3940d22d8248545c9337ff4b33c26264d1d0e44448710737fe1b7a72.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext