General
Target: 2927bc846121875589e0e0aef1e2d5e1f4560f2afeac86ef7a1456ebd52655f7
Size: 308KB
Sample: 230608-spvhwagd59
MD5: a30b4635360d9048273e3a1b741dc672
SHA1: a58eb314de009e7b135a4b28adf73800d07be723
SHA256: 2927bc846121875589e0e0aef1e2d5e1f4560f2afeac86ef7a1456ebd52655f7
SHA512: e55d34c9ead279a8225661f988c1962428d830bd77db30d055372e068b02ba057fcaa13a52e0753d0003e83f42ad39f2d022b51c602ec185b875e181c4a671bc
SSDEEP: 6144:aJie0RFHhNXwvTygXUNVS4MGh1aBFrvz1xcxcVt8P:aJoRqyR1aBFrvz1xcxy8P
Static task: static1
Behavioral task: behavioral1
Sample: 2927bc846121875589e0e0aef1e2d5e1f4560f2afeac86ef7a1456ebd52655f7.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted: redline
sheron
83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext