General
-
Target
fcadc49c290e88f94067fcf0f27ac009532dc67cdf80783202e1757814068397
-
Size
308KB
-
Sample
230608-stg4cahb6y
-
MD5
9225ad4681d505e7042f260aeeba8a0c
-
SHA1
130e3e46b700798f519659c15006bab217030f42
-
SHA256
fcadc49c290e88f94067fcf0f27ac009532dc67cdf80783202e1757814068397
-
SHA512
43cd674c9a59b7e12d4ac01e15d80e16da5c422b7ef75e6f8fcb2ddfa475760b9eaa052cfc181c72cd73ca70bbf4096af5c63c95903d8123bacafd478a7065c9
-
SSDEEP
6144:AJie0RFHWXwvTygXUNVS4MGh1aBFrvz1xcxcVtf0P:AJoRXyR1aBFrvz1xcxycP
Static task
static1
Behavioral task
behavioral1
Sample
fcadc49c290e88f94067fcf0f27ac009532dc67cdf80783202e1757814068397.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
fcadc49c290e88f94067fcf0f27ac009532dc67cdf80783202e1757814068397
-
Size
308KB
-
MD5
9225ad4681d505e7042f260aeeba8a0c
-
SHA1
130e3e46b700798f519659c15006bab217030f42
-
SHA256
fcadc49c290e88f94067fcf0f27ac009532dc67cdf80783202e1757814068397
-
SHA512
43cd674c9a59b7e12d4ac01e15d80e16da5c422b7ef75e6f8fcb2ddfa475760b9eaa052cfc181c72cd73ca70bbf4096af5c63c95903d8123bacafd478a7065c9
-
SSDEEP
6144:AJie0RFHWXwvTygXUNVS4MGh1aBFrvz1xcxcVtf0P:AJoRXyR1aBFrvz1xcxycP
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-