General
Target: a3fa2ab4e84d4ea0a272962535016b660eb797bb2210e747d28a51a024a3e6c5
Size: 4.6MB
Sample: 231215-rlv5kadahr
MD5: cf8a20b11ce9cf757bfaf49bd93ac524
SHA1: e349ecb0e296bb830f1b6495b003062c299c4016
SHA256: a3fa2ab4e84d4ea0a272962535016b660eb797bb2210e747d28a51a024a3e6c5
SHA512: a46ecf6435515de574074790696a19abdaea81b85d5d7dc6d3d0138cf75d4916acd500639889770dfc9a8de3f499cd39d86958bf46e47ded0a9227029fe7f73a
SSDEEP: 49152:0+0uIwxes1V4MvtSMKJD50BIaVhzh2jmlGGODZ6LSjG9oSyTXYUkqOedG9ilud7x:08CMOJmBIqV2CENVlSyMqZ4iQd7x
Static task: static1
Behavioral task: behavioral1
Sample: a3fa2ab4e84d4ea0a272962535016b660eb797bb2210e747d28a51a024a3e6c5.exe
Resource: win10v2004-20231215-en

Malware Config
Extracted family: redline
Botnet: vic
C2: 91.92.241.115:12393
Targets
Target: a3fa2ab4e84d4ea0a272962535016b660eb797bb2210e747d28a51a024a3e6c5
Size: 4.6MB
MD5: cf8a20b11ce9cf757bfaf49bd93ac524
SHA1: e349ecb0e296bb830f1b6495b003062c299c4016
SHA256: a3fa2ab4e84d4ea0a272962535016b660eb797bb2210e747d28a51a024a3e6c5
SHA512: a46ecf6435515de574074790696a19abdaea81b85d5d7dc6d3d0138cf75d4916acd500639889770dfc9a8de3f499cd39d86958bf46e47ded0a9227029fe7f73a
SSDEEP: 49152:0+0uIwxes1V4MvtSMKJD50BIaVhzh2jmlGGODZ6LSjG9oSyTXYUkqOedG9ilud7x:08CMOJmBIqV2CENVlSyMqZ4iQd7x
Score: 10/10

Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext