General
-
Target
1c9cb19f72b337353fab5826b145b2f3.exe
-
Size
1.4MB
-
Sample
230920-rbjnsaaf83
-
MD5
1c9cb19f72b337353fab5826b145b2f3
-
SHA1
2fe6ddb2fb7fc0082388904ffddb5902c520179b
-
SHA256
f217f02bbbf1b37386d8611b2ef07dd562d33dc1b31d84a260e11decf082b66a
-
SHA512
90a14e5be34e1f6b23c1ccbfb80b5f29d1ce6e1d58573de82abeb14b5a00f2bfbda4fc0d45058d6a5362274c08b0d280a4d280097f72ba3eb9b59db46acaf1bc
-
SSDEEP
24576:Slu3eXnSurrbe0DUBB//rAMg2aUqC3qRo/H/:SqSSCXe4ULOcqRC/
Static task
static1
Behavioral task
behavioral1
Sample
1c9cb19f72b337353fab5826b145b2f3.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
1c9cb19f72b337353fab5826b145b2f3.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
1c9cb19f72b337353fab5826b145b2f3.exe
-
Size
1.4MB
-
MD5
1c9cb19f72b337353fab5826b145b2f3
-
SHA1
2fe6ddb2fb7fc0082388904ffddb5902c520179b
-
SHA256
f217f02bbbf1b37386d8611b2ef07dd562d33dc1b31d84a260e11decf082b66a
-
SHA512
90a14e5be34e1f6b23c1ccbfb80b5f29d1ce6e1d58573de82abeb14b5a00f2bfbda4fc0d45058d6a5362274c08b0d280a4d280097f72ba3eb9b59db46acaf1bc
-
SSDEEP
24576:Slu3eXnSurrbe0DUBB//rAMg2aUqC3qRo/H/:SqSSCXe4ULOcqRC/
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-