General
Target: fadd889369e83e7872dca59f4e3b115ac2d3f02e8a63ff9704ea64fff9a6e47c
Size: 308 KB
Sample: 230608-shbgesha6z
MD5: 9483517b340ee98d2753b8abb5f3317f
SHA1: f808f815132d4206f1b472a78a0d0ede61d8a914
SHA256: fadd889369e83e7872dca59f4e3b115ac2d3f02e8a63ff9704ea64fff9a6e47c
SHA512: a9e067bd3fd1937ca63c3db6703b958bcf77dcb7a75f27ce66805ca59a1732bf7c3034581c98d95c30116f5a730867bceadd13e5e6043c82b411ee232065ba66
SSDEEP: 6144:qJieERFHqXwvTygXUNVS4MGh1aBFrvz1xcxcVtiP:qJYR7yR1aBFrvz1xcxyiP
Static task: static1
Behavioral task: behavioral1
Sample: fadd889369e83e7872dca59f4e3b115ac2d3f02e8a63ff9704ea64fff9a6e47c.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
Family: redline
Botnet ID: sheron
C2: 83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
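To make the extracted configuration and the file hashes from the General section searchable in your own telemetry, here is an added Python example; it is mine, not part of the sandbox report or the sandbox's tooling. The indicator values are copied from this page; the firewall-style log lines and the file bytes it checks are constructed test data, not output from the analysis run.

```python
"""IOC matcher built from the indicators on this page (RedLine sample
230608-shbgesha6z). Indicator values are copied from the report; the
log lines and file contents below are constructed test data.
"""
import hashlib
import re

# Indicators copied from the report above.
IOCS = {
    "md5": "9483517b340ee98d2753b8abb5f3317f",
    "sha1": "f808f815132d4206f1b472a78a0d0ede61d8a914",
    "sha256": "fadd889369e83e7872dca59f4e3b115ac2d3f02e8a63ff9704ea64fff9a6e47c",
    "c2_ip": "83.97.73.129",
    "c2_port": 19068,
}

# Hex-digest length -> algorithm, so a mixed list of hashes can be matched.
HASH_BY_LEN = {32: "md5", 40: "sha1", 64: "sha256"}


def digest_file(data: bytes) -> dict:
    """Compute the three digests the report lists for a file's bytes."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def hash_hits(digests) -> list:
    """Return (algo, digest) pairs equal to one of the known hashes.

    Accepts any iterable of hex strings; the algorithm is inferred from
    the digest length, so an EDR export mixing MD5/SHA1/SHA256 columns
    can be fed in directly. Comparison is case-insensitive.
    """
    hits = []
    for d in digests:
        d = d.strip().lower()
        algo = HASH_BY_LEN.get(len(d))
        if algo and IOCS[algo] == d:
            hits.append((algo, d))
    return hits


# Constructed firewall-style log lines (key=value); not from the page.
SAMPLE_NETLOG = """\
2023-06-08T12:00:01Z src=10.0.0.5 dst=142.250.74.78 dport=443 proto=tcp
2023-06-08T12:00:07Z src=10.0.0.5 dst=83.97.73.129 dport=19068 proto=tcp
2023-06-08T12:00:09Z src=10.0.0.7 dst=83.97.73.129 dport=8080 proto=tcp
2023-06-08T12:00:12Z src=10.0.0.5 dst=83.97.73.1 dport=19068 proto=tcp
"""

_LINE = re.compile(r"dst=(?P<dst>[\d.]+)\s+dport=(?P<dport>\d+)")


def network_hits(log_text: str) -> list:
    """Scan key=value log lines for the extracted C2 endpoint.

    Returns (line_no, confidence): "high" for an exact ip:port match,
    "ip-only" when just the address matches. The port differs between
    RedLine builds, so the weaker match is still worth triaging. The
    address is compared whole, so 83.97.73.1 does not match as a prefix.
    """
    hits = []
    for n, line in enumerate(log_text.splitlines(), start=1):
        m = _LINE.search(line)
        if not m or m.group("dst") != IOCS["c2_ip"]:
            continue
        conf = "high" if int(m.group("dport")) == IOCS["c2_port"] else "ip-only"
        hits.append((n, conf))
    return hits


if __name__ == "__main__":
    print(network_hits(SAMPLE_NETLOG))
    print(hash_hits([IOCS["sha256"], "0" * 64, IOCS["md5"].upper()]))
    print(digest_file(b"not the sample")["sha256"] == IOCS["sha256"])
```

Hash matching is exact and only catches this build; the ssdeep value on the page is the indicator to use for near-duplicates, and the C2 address is the indicator most likely to survive a repack.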
Targets
Target: fadd889369e83e7872dca59f4e3b115ac2d3f02e8a63ff9704ea64fff9a6e47c
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext (calling SetThreadContext on a thread of another process is the step process-hollowing loaders use to point a suspended child's execution at injected code; the signature flags the API use, not a confirmed injection chain)