General
Target: 3634f76f2a9a6f051b1ca26d6842681c3ff7cfc89a787e8002ce54ef01cb6948
Size: 308KB
Sample: 230608-sdyq6agc57
MD5: 0236cc945d7861468473a48a6ce5b102
SHA1: 1a0df241e7897cf39003307da614ed266a81ea7e
SHA256: 3634f76f2a9a6f051b1ca26d6842681c3ff7cfc89a787e8002ce54ef01cb6948
SHA512: cc28db7dd2b0e3d14a17740323fb42e6bcb3c8a13611488cd9fab593c6c9aea357606606740c82a9994479cbb854afee643e5f4bfd405bfd13666a03d8d01ecc
SSDEEP: 6144:zJiekRFHWXwvTygXUNVS4MGh1aBFrvz1xcxcVtEPN:zJ4RPyR1aBFrvz1xcxyEPN
Static task: static1
Behavioral task: behavioral1
Sample: 3634f76f2a9a6f051b1ca26d6842681c3ff7cfc89a787e8002ce54ef01cb6948.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext