General
-
Target
E3842CE1A944BA370DB991DDB782FC0BAF4BD1BDF1215.exe
-
Size
6.5MB
-
Sample
240117-16r33sgcb9
-
MD5
a7d458984cd041e231acf88a8968d61d
-
SHA1
e1a0df74a9ff8983e05d309ac80e0516571c83bc
-
SHA256
e3842ce1a944ba370db991ddb782fc0baf4bd1bdf1215f90abac4f3c14400487
-
SHA512
69b7e055a02df11dd666984c8a5ff847c5d36bab498fb561d44fba84bd2ad1152163e63eb8aac29e58690218149fc90280658201860ff37756c2ce9e7058c025
-
SSDEEP
98304:6/1FK8uWvXodPOTZgMVv2wNN/ZlFZIShcvsY8722fjHno4:6iavEmTZgMVvNvxXZdO5872Wj
Static task
static1
Behavioral task
behavioral1
Sample
E3842CE1A944BA370DB991DDB782FC0BAF4BD1BDF1215.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
E3842CE1A944BA370DB991DDB782FC0BAF4BD1BDF1215.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
E3842CE1A944BA370DB991DDB782FC0BAF4BD1BDF1215.exe
-
Size
6.5MB
-
MD5
a7d458984cd041e231acf88a8968d61d
-
SHA1
e1a0df74a9ff8983e05d309ac80e0516571c83bc
-
SHA256
e3842ce1a944ba370db991ddb782fc0baf4bd1bdf1215f90abac4f3c14400487
-
SHA512
69b7e055a02df11dd666984c8a5ff847c5d36bab498fb561d44fba84bd2ad1152163e63eb8aac29e58690218149fc90280658201860ff37756c2ce9e7058c025
-
SSDEEP
98304:6/1FK8uWvXodPOTZgMVv2wNN/ZlFZIShcvsY8722fjHno4:6iavEmTZgMVvNvxXZdO5872Wj
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Uses the VBS compiler for execution
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-