General
-
Target
330a782a88339f89e23fda80e291e6fd98df12ad22f3403199d312400be0a702
-
Size
308KB
-
Sample
230608-srx2sahb4y
-
MD5
52ad8efcde3840b8494aa57c6ac32dd1
-
SHA1
9ad18d3116f59700dabbdf0a35998ed6e42b1725
-
SHA256
330a782a88339f89e23fda80e291e6fd98df12ad22f3403199d312400be0a702
-
SHA512
94d5f89801795f511d22474178afc550c5dbbc4e5d5112f164a775a85cef84c314c097358888577858176241a9de4cfd370d2de97d96aad23bd17fde405ef2db
-
SSDEEP
6144:AJie0RFHWXwvTygXUNVS4MGh1aBFrvz1xcxcVtf0P:AJoRXyR1aBFrvz1xcxycP
Static task
static1
Behavioral task
behavioral1
Sample
330a782a88339f89e23fda80e291e6fd98df12ad22f3403199d312400be0a702.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
330a782a88339f89e23fda80e291e6fd98df12ad22f3403199d312400be0a702
-
Size
308KB
-
MD5
52ad8efcde3840b8494aa57c6ac32dd1
-
SHA1
9ad18d3116f59700dabbdf0a35998ed6e42b1725
-
SHA256
330a782a88339f89e23fda80e291e6fd98df12ad22f3403199d312400be0a702
-
SHA512
94d5f89801795f511d22474178afc550c5dbbc4e5d5112f164a775a85cef84c314c097358888577858176241a9de4cfd370d2de97d96aad23bd17fde405ef2db
-
SSDEEP
6144:AJie0RFHWXwvTygXUNVS4MGh1aBFrvz1xcxcVtf0P:AJoRXyR1aBFrvz1xcxycP
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-