General

Target: 7bbf28f9ee64569f2fd7523ec203f4f8ecafb3b0992a657d0bc63241df4c7b3d
Size: 308KB
Sample: 230608-rwjvaagg7x
MD5: f343b75f2d01245864261c5bf1241a28
SHA1: 33c83e62ab430740030927e42947a511ff6b592c
SHA256: 7bbf28f9ee64569f2fd7523ec203f4f8ecafb3b0992a657d0bc63241df4c7b3d
SHA512: 151593edb932e37b975fea9f8e0170afc6ced0cd1d974895d56ae01577b65b7ce8c358040c2969be2ded627efc7d8aa677e591d8cd413f1b1baef94bb96b4e5a
SSDEEP: 6144:FJieERFHS2XwvTygXUNVS4MGh1aBFrvz1xcxcVtZP:FJYRAVyR1aBFrvz1xcxyZP
Static task: static1
Behavioral task: behavioral1
Sample: 7bbf28f9ee64569f2fd7523ec203f4f8ecafb3b0992a657d0bc63241df4c7b3d.exe
Resource: win10v2004-20230220-en
Malware Config

Extracted family: redline
Botnet: sheron
C2: 83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
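The hash list and the extracted RedLine config above are the two things a responder actually uses from a report like this: the hashes to confirm that a file pulled from a host is this sample, and the C2 to hunt for in network logs and to block. The following is an added example, not part of the sandbox report or of any RedLine tooling. It hard-codes the values from this page, verifies a candidate file against the reported digests, turns the C2 into a Suricata rule (the sid 1000001 is an arbitrary local id, an assumption), and runs a simple matcher over constructed firewall-style log lines that are not from the analysed run.

```python
import hashlib
import ipaddress
import re

# Values reported on this page for the sample and its extracted RedLine config.
REPORTED_HASHES = {
    "md5": "f343b75f2d01245864261c5bf1241a28",
    "sha1": "33c83e62ab430740030927e42947a511ff6b592c",
    "sha256": "7bbf28f9ee64569f2fd7523ec203f4f8ecafb3b0992a657d0bc63241df4c7b3d",
}
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "sheron",
    "c2": "83.97.73.129:19068",
    "auth_value": "2d067e7e2372227d3a03b335260112e9",
}


def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of a byte string, keyed like REPORTED_HASHES."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED_HASHES}


def is_reported_sample(data: bytes) -> bool:
    """True only if every reported digest matches; one mismatch is enough to reject."""
    return file_hashes(data) == REPORTED_HASHES


def parse_c2(c2: str) -> tuple:
    """Split 'host:port' from the extracted config; the host must be an IP literal."""
    host, sep, port = c2.rpartition(":")
    if not sep:
        raise ValueError("C2 must be host:port")
    ipaddress.ip_address(host)          # raises ValueError for anything that is not an IP
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return host, port


def suricata_rule(cfg: dict, sid: int) -> str:
    """Suricata/Snort rule for outbound traffic to the extracted C2.
    sid is a local rule id chosen by whoever deploys it (an assumption here)."""
    host, port = parse_c2(cfg["c2"])
    return (
        f'alert tcp $HOME_NET any -> {host} {port} '
        f'(msg:"{cfg["family"]} C2 botnet={cfg["botnet"]}"; flow:to_server; '
        f'classtype:trojan-activity; sid:{sid}; rev:1;)'
    )


# Constructed firewall-style log lines, not from the sandbox run: one exact C2 hit that
# was allowed, one contact with the C2 host on another port, one unrelated connection
# (TEST-NET address) and one exact hit that the firewall denied.
SAMPLE_LOG = """\
2023-06-08T12:00:01Z src=10.0.0.12:51234 dst=83.97.73.129:19068 proto=tcp action=allow
2023-06-08T12:00:02Z src=10.0.0.12:51235 dst=192.0.2.10:443 proto=tcp action=allow
2023-06-08T12:00:03Z src=10.0.0.7:49876 dst=83.97.73.129:443 proto=tcp action=allow
2023-06-08T12:00:04Z src=10.0.0.9:50001 dst=83.97.73.129:19068 proto=tcp action=deny
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>[\d.]+):\d+ dst=(?P<dst>[\d.]+):(?P<dport>\d+) "
    r"proto=(?P<proto>\w+) action=(?P<action>\w+)$"
)


def find_c2_contacts(log_text: str, cfg: dict) -> list:
    """One finding per line that reached the C2 host.

    'exact' means host and port matched; 'host-only' means the same host on another
    port, which still deserves a look because operators move ports between builds."""
    host, port = parse_c2(cfg["c2"])
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["dst"] != host:
            continue
        findings.append({
            "ts": m["ts"],
            "src": m["src"],
            "match": "exact" if int(m["dport"]) == port else "host-only",
            "blocked": m["action"] != "allow",
        })
    return findings


if __name__ == "__main__":
    print(suricata_rule(REDLINE_CONFIG, sid=1000001))
    for finding in find_c2_contacts(SAMPLE_LOG, REDLINE_CONFIG):
        print(finding)
```

The matcher deliberately reports denied connections too: a blocked attempt still identifies an infected source host that needs the hash check and cleanup, even though no data reached the C2.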
Targets

Target: 7bbf28f9ee64569f2fd7523ec203f4f8ecafb3b0992a657d0bc63241df4c7b3d
Score: 10/10
RedLine

RedLine Stealer is an information-stealing malware family written in C# (.NET) that first appeared in early 2020. It collects saved browser credentials and cookies, cryptocurrency wallet files and host details and sends them to the C2 carried in its embedded config, which for this sample is the 83.97.73.129:19068 endpoint extracted above.

Signatures:
- Accesses cryptocurrency files/wallets, possible credential harvesting: the sample touches file paths associated with wallet software and stored credentials, consistent with RedLine's collection routine.
- Suspicious use of SetThreadContext: the sample rewrites the register state of a thread, which is what a loader does after starting a process suspended and writing a payload into it. Read this together with the stealer verdict: the RedLine payload is most likely run inside another, legitimate-looking process rather than from the 308KB file itself.
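The sandbox signature above only names the API. What makes SetThreadContext suspicious is the context: a call aimed at a thread in a different process, preceded by CreateProcess with CREATE_SUSPENDED, NtUnmapViewOfSection and WriteProcessMemory against that same process, is the process-hollowing sequence. The detector below is an added example, not the sandbox's own rule and not derived from this sample's real call trace; it runs over a constructed, sandbox-style one-call-per-line trace in which pid 4120 hollows a suspended child and pid 6012 calls SetThreadContext on its own thread, which is benign and must not fire.

```python
import re

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess

# Constructed API-call trace (not the analysed run's trace). pid 4120 performs the
# hollowing sequence against child 5208; pid 6012 adjusts a thread of its own process.
TRACE = """\
pid=4120 api=CreateProcessW flags=0x4 child_pid=5208 child_tid=5212
pid=4120 api=NtUnmapViewOfSection target_pid=5208
pid=4120 api=VirtualAllocEx target_pid=5208 protect=0x40
pid=4120 api=WriteProcessMemory target_pid=5208
pid=4120 api=SetThreadContext target_pid=5208 target_tid=5212
pid=4120 api=ResumeThread target_pid=5208 target_tid=5212
pid=6012 api=SetThreadContext target_pid=6012 target_tid=6020
"""

KV_RE = re.compile(r"(\w+)=(\S+)")
NUM_RE = re.compile(r"0x[0-9a-fA-F]+|\d+")


def parse_trace(text: str) -> list:
    """Each line becomes a dict of key -> value; hex and decimal numbers are converted."""
    events = []
    for line in text.splitlines():
        ev = {}
        for key, val in KV_RE.findall(line):
            ev[key] = int(val, 0) if NUM_RE.fullmatch(val) else val
        events.append(ev)
    return events


def detect_hollowing(events: list) -> list:
    """Flag SetThreadContext calls aimed at another process and grade each one by the
    calls that led up to it. Returns one finding per suspicious call."""
    findings = []
    suspended = {}    # child pid -> creator pid, for children started CREATE_SUSPENDED
    unmapped = set()  # (caller pid, target pid) pairs that saw NtUnmapViewOfSection
    written = set()   # (writer pid, target pid) pairs that saw WriteProcessMemory
    for ev in events:
        pid, api = ev["pid"], ev["api"]
        if api.startswith("CreateProcess") and ev.get("flags", 0) & CREATE_SUSPENDED:
            suspended[ev["child_pid"]] = pid
        elif api == "NtUnmapViewOfSection":
            unmapped.add((pid, ev["target_pid"]))
        elif api == "WriteProcessMemory":
            written.add((pid, ev["target_pid"]))
        elif api == "SetThreadContext":
            target = ev["target_pid"]
            if target == pid:
                continue  # own thread: normal for debuggers and exception handling
            evidence = ["cross-process SetThreadContext"]
            if suspended.get(target) == pid:
                evidence.append("target created suspended by caller")
            if (pid, target) in unmapped:
                evidence.append("original image unmapped")
            if (pid, target) in written:
                evidence.append("memory written into target")
            findings.append({
                "pid": pid,
                "target_pid": target,
                "target_tid": ev.get("target_tid"),
                # All three preparatory steps plus the context rewrite is the full pattern;
                # fewer steps is still cross-process injection worth a look.
                "verdict": "process hollowing" if len(evidence) >= 4 else "suspicious injection",
                "evidence": evidence,
            })
    return findings


if __name__ == "__main__":
    for finding in detect_hollowing(parse_trace(TRACE)):
        print(finding)
```

On a real EDR or sandbox trace the field names will differ, but the state that matters is the same: which process created which child suspended, and who wrote into and unmapped whom before the thread context was replaced.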