General
-
Target
82a8015153b510a493e4495ee227926e67b0aeb7c63dfdd5751691167161eaad
-
Size
306KB
-
Sample
240424-rkyt3abd6t
-
MD5
a922a5250a62dd492fa2fdf2d55e9fb8
-
SHA1
09b0571abc9c029ea777bc6576e363d9c6e99122
-
SHA256
82a8015153b510a493e4495ee227926e67b0aeb7c63dfdd5751691167161eaad
-
SHA512
a2118de3d8b916f1d007f9a5bb43c03ae17e8697d17e4a34fadbe660ef3c9ce2e75b6ed36145412b48c8c882b52d2cadf3fa560fdd90cddea617b54d9e033981
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
behavioral1
Sample
82a8015153b510a493e4495ee227926e67b0aeb7c63dfdd5751691167161eaad.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
82a8015153b510a493e4495ee227926e67b0aeb7c63dfdd5751691167161eaad.exe
Resource
win11-20240412-en
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
-
-
Target
82a8015153b510a493e4495ee227926e67b0aeb7c63dfdd5751691167161eaad
-
Size
306KB
-
MD5
a922a5250a62dd492fa2fdf2d55e9fb8
-
SHA1
09b0571abc9c029ea777bc6576e363d9c6e99122
-
SHA256
82a8015153b510a493e4495ee227926e67b0aeb7c63dfdd5751691167161eaad
-
SHA512
a2118de3d8b916f1d007f9a5bb43c03ae17e8697d17e4a34fadbe660ef3c9ce2e75b6ed36145412b48c8c882b52d2cadf3fa560fdd90cddea617b54d9e033981
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-