General
Target: file.exe
Size: 594KB
Sample: 230619-h9h1gade6x
MD5: b5ab758095caa295eae0dd07401a944c
SHA1: fea81919a7063d143cd94706ad02940ad57651a5
SHA256: a63139a21058e0e9e39b22c8b293f409d4382a66b6824c2ab89c1172daf16e3e
SHA512: 6c602377a36a495bd56c09533310d28654fbf388a04d3f81528ceaa57ea3bff0449db9459e283dc543e3bdf8e9a168f20b5176d9a2e25a343805b3dfc9ba6c08
SSDEEP: 12288:L0BaH7DjoFcnpVvRLxVuPb7w2fGBtoEHLH9vzo9t9D:LWaH7foFcnphsPbc2uBtoEHLH9boHx
Static task: static1
Behavioral task: behavioral1
  Sample: file.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: file.exe
  Resource: win10v2004-20230221-en
Malware Config
Extracted:
  redline
  2
  95.216.249.153:81
  auth_value: 101013a5e99e0857595aae297a11351d
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext