General

Target: 19df4e374614e34672ee9392db0951517f0c9c3eddd18ea40baca57e2975d3c4
Size: 307KB
Sample: 230608-sw4ecshb8x
MD5: 6ac51a8ddb7e214559838a7c44ef82b6
SHA1: ad07266e92f6e98b874a51e367b170b406b447d8
SHA256: 19df4e374614e34672ee9392db0951517f0c9c3eddd18ea40baca57e2975d3c4
SHA512: e1a35213bfa11c858bbd083b3193ce633da464354043bb394a5320849af43a3192f90f49cce827668aed4efe69e10ae71e32ed481f34e67392d2e7ad33ce339f
SSDEEP: 6144:8pSOyjtRVnybHwvTygXUNVS4MGh1aBFrvz1xcxcFtRv:8pWjtRxyR1aBFrvz1xcxiRv
Static task: static1
Behavioral task: behavioral1
Sample: 19df4e374614e34672ee9392db0951517f0c9c3eddd18ea40baca57e2975d3c4.exe
Resource: win10v2004-20230221-en
Malware Config

Extracted family: redline
Botnet: sheron
C2: 83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
Targets

Target: 19df4e374614e34672ee9392db0951517f0c9c3eddd18ea40baca57e2975d3c4
Score: 10/10

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Suspicious use of SetThreadContext