General
Target: 75dd991971cab83f49b214ca6e3dca575395db63514e334f8b0065478af6f077
Size: 380KB
Sample: 230827-fe56eafe45
MD5: 80c339b9cfb70abfcb04639c45ed43cd
SHA1: 8528245af0095d13719df2d074783e7e3e3b7b9c
SHA256: 75dd991971cab83f49b214ca6e3dca575395db63514e334f8b0065478af6f077
SHA512: 4a54f03886aed7af2ff71e7f36e9193194c11ebf1d924922bdb8d5a0b70a73d001db3c263dbb193c188c6fe52070435da2771a6ecdba8310b40f7a5ef7f80c4e
SSDEEP: 6144:tlwysXhFhimXpURQ0m0RmFmBylFJAOs5frWRTfbmD8D8SHFGlKUduuQBn:3wymFhimXp6eFzl/ffbE8D8SHYzQBn
Static task: static1
Behavioral task: behavioral1
Sample: 75dd991971cab83f49b214ca6e3dca575395db63514e334f8b0065478af6f077.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 75dd991971cab83f49b214ca6e3dca575395db63514e334f8b0065478af6f077.exe
Resource: win10-20230703-en
Malware Config
Extracted
Family: redline
Botnet: installs
C2: 162.55.189.218:26952
auth_value: 4bdfa4191a2826ff2af143a4691bab78
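The extracted configuration gives three indicators worth turning into checks: the C2 host and port, the auth_value the sample is keyed to, and the file hashes in the report. The script below is an added example and not part of the Triage report; it matches those indicators against a constructed netflow-style log and a constructed EDR hash export (both formats are assumptions made here, not any tool's real output) and shows the two confidence levels a practitioner should distinguish: an exact host:port hit versus a hit on the C2 host alone.

```python
"""IOC matching for the RedLine sample in this report.

Added example (not part of the Triage report). The telemetry formats below
are constructed for illustration; adapt the parsers to your own exporters.
"""
import re

# Indicators copied from the report above.
C2_HOST = "162.55.189.218"
C2_PORT = 26952
AUTH_VALUE = "4bdfa4191a2826ff2af143a4691bab78"
SAMPLE_HASHES = {
    "80c339b9cfb70abfcb04639c45ed43cd": "md5",
    "8528245af0095d13719df2d074783e7e3e3b7b9c": "sha1",
    "75dd991971cab83f49b214ca6e3dca575395db63514e334f8b0065478af6f077": "sha256",
}

# Constructed netflow-style log (not real traffic): "<timestamp> <src> <dst>:<port> <proto>".
NETFLOW_LOG = """\
2023-08-27T10:01:12Z 10.0.0.5 142.250.80.46:443 tcp
2023-08-27T10:01:15Z 10.0.0.5 162.55.189.218:26952 tcp
2023-08-27T10:02:03Z 10.0.0.9 162.55.189.218:443 tcp
2023-08-27T10:03:44Z 10.0.0.5 162.55.189.218:26952 tcp
"""

# Constructed EDR hash export (assumed format): "<host> <path> <hash>".
HASH_EXPORT = """\
host01 C:\\Users\\a\\Downloads\\setup.exe 75dd991971cab83f49b214ca6e3dca575395db63514e334f8b0065478af6f077
host02 C:\\Windows\\System32\\calc.exe 3091e22d4f2a1eb4e8bfa1c1b1d5a2d99cfcd4d96ae1c5bfd4ae9a2b6f0c7e1a
host03 C:\\Temp\\x.bin 80C339B9CFB70ABFCB04639C45ED43CD
"""

_FLOW_RE = re.compile(r"^(\S+) (\S+) (\d{1,3}(?:\.\d{1,3}){3}):(\d+) (\S+)$")


def find_c2_connections(log: str) -> list[dict]:
    """Return flows to the extracted C2.

    An exact host:port hit is tagged "exact". A hit on the host alone is tagged
    "host_only": the same server may be reused with a different port by another
    build, so it deserves a lower-confidence alert rather than silence.
    """
    hits = []
    for line in log.splitlines():
        m = _FLOW_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the constructed format
        ts, src, dst, port, proto = m.groups()
        if dst != C2_HOST:
            continue
        confidence = "exact" if int(port) == C2_PORT else "host_only"
        hits.append({"ts": ts, "src": src, "dst": f"{dst}:{port}", "match": confidence})
    return hits


def find_sample_hashes(export: str) -> list[dict]:
    """Return hosts whose hash export contains any hash of the sample.

    Digests are compared case-insensitively because tools disagree on case.
    """
    hits = []
    for line in export.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue
        host, path, digest = parts[0], parts[1], parts[-1].lower()
        algo = SAMPLE_HASHES.get(digest)
        if algo:
            hits.append({"host": host, "path": path, "algo": algo})
    return hits


def auth_value_in_payload(payload: bytes) -> bool:
    """Cheap check for the config's auth_value in a captured payload.

    Whether the value is visible on the wire depends on the build, so a miss
    proves nothing; a hit ties the traffic to this exact config. Both ASCII
    and UTF-16LE are tested, since .NET strings are UTF-16 in memory.
    """
    return AUTH_VALUE.encode("ascii") in payload or AUTH_VALUE.encode("utf-16-le") in payload


if __name__ == "__main__":
    for hit in find_c2_connections(NETFLOW_LOG):
        print("C2", hit)
    for hit in find_sample_hashes(HASH_EXPORT):
        print("HASH", hit)
    # Constructed payload, only to exercise the check.
    print("auth_value seen:", auth_value_in_payload(b"..." + AUTH_VALUE.encode() + b"..."))
```

The host-only tier is deliberate: blocking on host:port alone lets a re-keyed build on the same server through, while alerting on the bare host keeps the signal without promising certainty.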
Targets
Target: 75dd991971cab83f49b214ca6e3dca575395db63514e334f8b0065478af6f077
Size: 380KB
MD5: 80c339b9cfb70abfcb04639c45ed43cd
SHA1: 8528245af0095d13719df2d074783e7e3e3b7b9c
SHA256: 75dd991971cab83f49b214ca6e3dca575395db63514e334f8b0065478af6f077
SHA512: 4a54f03886aed7af2ff71e7f36e9193194c11ebf1d924922bdb8d5a0b70a73d001db3c263dbb193c188c6fe52070435da2771a6ecdba8310b40f7a5ef7f80c4e
SSDEEP: 6144:tlwysXhFhimXpURQ0m0RmFmBylFJAOs5frWRTfbmD8D8SHFGlKUduuQBn:3wymFhimXp6eFzl/ffbE8D8SHYzQBn
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
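The "Suspicious use of SetThreadContext" signature is the sandbox noticing the API that process-hollowing loaders use to point a suspended thread at injected code. SetThreadContext alone is not malicious (debuggers and exception handlers use it), so a detection should require the whole chain: a process created with CREATE_SUSPENDED, memory written into that same process, SetThreadContext on it, then ResumeThread. The script below is an added example and not part of the Triage report; the API trace format, the process IDs and the set of "remote write" API names are assumptions constructed here to illustrate the pattern.

```python
"""Flag the process-hollowing call chain behind the "Suspicious use of
SetThreadContext" signature.

Added example, not part of the Triage report. The trace below is constructed;
real traces come from a sandbox API monitor or an ETW/EDR feed with different
field names, so adjust _LINE_RE accordingly.
"""
import re

# Constructed trace: "<caller_pid> <api> target=<pid> [flags=<hex>]".
API_TRACE = """\
1001 CreateProcessW target=2002 flags=0x00000004
1001 NtUnmapViewOfSection target=2002
1001 VirtualAllocEx target=2002
1001 WriteProcessMemory target=2002
1001 SetThreadContext target=2002
1001 ResumeThread target=2002
3003 CreateProcessW target=3004 flags=0x00000000
3003 WaitForSingleObject target=3004
4005 SetThreadContext target=4005
5006 CreateProcessW target=5007 flags=0x00000004
5006 ResumeThread target=5007
"""

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit from the Win32 API
_LINE_RE = re.compile(r"^(\d+) (\w+) target=(\d+)(?: flags=(0x[0-9a-fA-F]+))?$")

CREATE_APIS = {"CreateProcessA", "CreateProcessW", "CreateProcessInternalW"}
# APIs that write a payload into the suspended target (assumed set; extend for your feed).
REMOTE_WRITE_APIS = {"NtUnmapViewOfSection", "VirtualAllocEx",
                     "WriteProcessMemory", "NtWriteVirtualMemory"}


def parse_trace(trace: str) -> list[dict]:
    """Turn the constructed trace into event dicts; malformed lines are skipped."""
    events = []
    for line in trace.splitlines():
        m = _LINE_RE.match(line)
        if not m:
            continue
        caller, api, target, flags = m.groups()
        events.append({"caller": int(caller), "api": api, "target": int(target),
                       "flags": int(flags, 16) if flags else 0})
    return events


def detect_hollowing(events: list[dict]) -> list[dict]:
    """Return one finding per (caller, target) pair that walks the full chain:
    suspended create -> remote write -> SetThreadContext -> ResumeThread.

    SetThreadContext by itself does not fire: pid 4005 above only touches its
    own thread, as a debugger or exception handler would, and pid 5006 does a
    suspended create followed directly by ResumeThread, which is what ordinary
    launchers do while setting up a child. Only the ordered chain is reported.
    """
    state = {}  # (caller, target) -> furthest stage reached so far
    findings = []
    for ev in events:
        key = (ev["caller"], ev["target"])
        api = ev["api"]
        if api in CREATE_APIS and ev["flags"] & CREATE_SUSPENDED:
            state[key] = "suspended"
        elif api in REMOTE_WRITE_APIS and state.get(key) == "suspended":
            state[key] = "written"
        elif api == "SetThreadContext" and state.get(key) == "written":
            state[key] = "context_set"
        elif api == "ResumeThread" and state.get(key) == "context_set":
            findings.append({"caller": key[0], "target": key[1], "rule": "process_hollowing"})
            state.pop(key)
    return findings


if __name__ == "__main__":
    for finding in detect_hollowing(parse_trace(API_TRACE)):
        print(finding)
```

Keying the state machine on the (caller, target) pair is what keeps the false positives out: every stage must be aimed at the same child, and the chain resets if the loader resumes the thread before it has written anything.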