General
Target: f3320fd18c4c7ea7afac46a2fdd1401be9667edfd77b386d5b55149409711534
Size: 308KB
Sample: 230608-sjwtragd24
MD5: ea892617cb6cbff9906c4cecbd91f0e9
SHA1: 394542752ce74eefc590f3190c44c6e13966d7a3
SHA256: f3320fd18c4c7ea7afac46a2fdd1401be9667edfd77b386d5b55149409711534
SHA512: fe77ad451e482cf1eda6e76623923bc230eb87cbd7148f2ee3c0b46e93b79c9c3eda1dc1a965f1d73024a4ebfc8ba82c9f6e11e59e18fa97057c2587bb1e6cb9
SSDEEP: 6144:qJieERFHqXwvTygXUNVS4MGh1aBFrvz1xcxcVtiP:qJYR7yR1aBFrvz1xcxyiP

Tasks
Static task: static1
Behavioral task: behavioral1
Sample: f3320fd18c4c7ea7afac46a2fdd1401be9667edfd77b386d5b55149409711534.exe
Resource: win10v2004-20230220-en

Malware Config
Extracted: redline
- sheron
- 83.97.73.129:19068
- auth_value: 2d067e7e2372227d3a03b335260112e9
Targets
Target: f3320fd18c4c7ea7afac46a2fdd1401be9667edfd77b386d5b55149409711534 (hashes and size as listed under General)
Score: 10/10
Signatures:
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext