General
Target: d47e5b2f2e7ceaaa0ed233fa834340859543b4b52f79f56d1524e5ff59ff7458.exe
Size: 325KB
Sample: 240423-cddg8abd9t
MD5: c1ccdae0143c09701899efb5bbdd9e10
SHA1: c2d598b52379983d8e9e92d5da3f0412c474eff2
SHA256: d47e5b2f2e7ceaaa0ed233fa834340859543b4b52f79f56d1524e5ff59ff7458
SHA512: df28c24b060467de8ff4a2e464062ef3d12d2dfbb493d28b3a5b6d494e19797081da61140695e4f346bd9edc03a20e6252553695b6dcfe329c33744daba7c497
SSDEEP: 6144:q7XPXBi74sHg9Nvhq6AXK4AjOqWvzTkGmXS:qFOHg9QOWvzzmXS
Static task: static1
Behavioral task: behavioral1
Sample: d47e5b2f2e7ceaaa0ed233fa834340859543b4b52f79f56d1524e5ff59ff7458.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: d47e5b2f2e7ceaaa0ed233fa834340859543b4b52f79f56d1524e5ff59ff7458.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
redline
7001210066
https://pastebin.com/raw/KE5Mft0T
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext