General
-
Target
437631f5368601d9c03477626b970cc746815a50a5bb87066c422e61bef5feb0
-
Size
401KB
-
Sample
240521-1wdgyabg26
-
MD5
7c5d3041f89f4359bf8bcf7f5b038fcb
-
SHA1
b81bcec472de94424c945b0fecdf57a01707dec2
-
SHA256
437631f5368601d9c03477626b970cc746815a50a5bb87066c422e61bef5feb0
-
SHA512
38af05a68c79ff8df583c5f28818531a87f9092bb0fec10a35edd76dba17bf1f580806f3bfef20a45855a3bc0ff7e6f30803802069d5bc05516e4fdc26dbffec
-
SSDEEP
6144:07OcGE+kl2yHMiNSqQT0ZcnL5e4PugTBqsM5Af9V4sdp1Nz9:07OcGq1HwqcnL5eTqBVZvz9
Static task
static1
Behavioral task
behavioral1
Sample
437631f5368601d9c03477626b970cc746815a50a5bb87066c422e61bef5feb0.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
437631f5368601d9c03477626b970cc746815a50a5bb87066c422e61bef5feb0.dll
Resource
win10v2004-20240508-en
Malware Config
Extracted
Family
redline
C2
194.26.232.43:20746
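The report gives one network IOC (the extracted C2 endpoint above) and four file digests (General section). The Python below is an added example, not part of the Triage report, that turns those values into a local check: it compares a file's MD5/SHA1/SHA256/SHA512 against the report and scans firewall-style log lines for connections to 194.26.232.43:20746. The log line format, the constructed sample lines and the require_port switch are assumptions; SSDEEP is left out because it needs a non-standard library.

```python
"""Added example (not from the Triage report): match a file and network
logs against the IOCs published for this RedLine sample."""
import hashlib
import re
from typing import Dict, List

# IOCs copied from the report.
REPORT_HASHES = {
    "md5": "7c5d3041f89f4359bf8bcf7f5b038fcb",
    "sha1": "b81bcec472de94424c945b0fecdf57a01707dec2",
    "sha256": "437631f5368601d9c03477626b970cc746815a50a5bb87066c422e61bef5feb0",
    "sha512": "38af05a68c79ff8df583c5f28818531a87f9092bb0fec10a35edd76dba17bf1f"
              "580806f3bfef20a45855a3bc0ff7e6f30803802069d5bc05516e4fdc26dbffec",
}
C2_HOST = "194.26.232.43"
C2_PORT = 20746


def hash_file_bytes(data: bytes) -> Dict[str, str]:
    """Compute all four digests the report lists, so a retrieved sample can
    be matched whichever one a feed happens to provide."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_report(data: bytes) -> bool:
    """True only if every digest agrees; one mismatch means this is not the
    reported file (or a digest was copied badly)."""
    digests = hash_file_bytes(data)
    return all(digests[k] == v.lower() for k, v in REPORT_HASHES.items())


# The lookarounds stop 194.26.232.43 from matching inside 194.26.232.430 or
# 1194.26.232.43, and the port from matching inside a longer number.
C2_HOST_RE = re.compile(r"(?<![\d.])" + re.escape(C2_HOST) + r"(?![\d.])")
C2_PORT_RE = re.compile(r"(?<!\d)" + str(C2_PORT) + r"(?!\d)")


def find_c2_hits(lines: List[str], require_port: bool = True) -> List[str]:
    """Return log lines that reference the C2. The port is a strong
    discriminator for this config; require_port=False also catches hosts
    talking to the same IP on other ports (shared hosting, probes)."""
    hits = []
    for line in lines:
        if C2_HOST_RE.search(line) and (not require_port or C2_PORT_RE.search(line)):
            hits.append(line)
    return hits


# Constructed firewall log lines (not from the report); format is an assumption.
SAMPLE_LOGS = [
    "2024-05-21T10:02:11Z fw ALLOW tcp 10.0.0.17:50231 -> 194.26.232.43:20746",
    "2024-05-21T10:02:12Z fw ALLOW tcp 10.0.0.17:50232 -> 194.26.232.43:443",
    "2024-05-21T10:02:13Z fw ALLOW tcp 10.0.0.18:50300 -> 194.26.232.4:20746",
    "2024-05-21T10:02:14Z fw ALLOW tcp 10.0.0.19:50400 -> 93.184.216.34:80",
]

if __name__ == "__main__":
    for hit in find_c2_hits(SAMPLE_LOGS):
        print("C2 hit:", hit)
    print("constructed bytes match report:", matches_report(b"not the sample"))
```

On the constructed lines only the first is a hit with the port required; relaxing require_port also surfaces the second (same IP, port 443), while the third line is correctly ignored because 194.26.232.4 is a different host.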
Targets
-
-
Target
437631f5368601d9c03477626b970cc746815a50a5bb87066c422e61bef5feb0
-
Score
10/10
-
RedLine
RedLine Stealer is an information-stealing malware family written in C# (.NET), first observed in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext (the report does not show the call arguments; the API is commonly used by loaders to redirect a thread into injected code)
-
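The signature name above says only that SetThreadContext was called in a suspicious way; the report does not include the API trace. The Python below is an added example, not part of the Triage report, showing the ordering that makes such a call suspicious rather than debugger-like: memory written into a process, then a thread's context replaced, then the thread resumed, with the target optionally created suspended (the classic process-hollowing/RunPE shape). The trace format, the API-name sets and the sample trace are all constructed assumptions, not data about this sample.

```python
"""Added example (not from the Triage report): rank SetThreadContext calls
in an API trace by what happened to the target process before them."""
from dataclasses import dataclass, field
from typing import Dict, List

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess*

# API names grouped by role; the grouping is an assumption about the trace.
CREATE_APIS = {"CreateProcessA", "CreateProcessW", "CreateProcessInternalW"}
WRITE_APIS = {"WriteProcessMemory", "NtWriteVirtualMemory"}
CONTEXT_APIS = {"SetThreadContext", "Wow64SetThreadContext", "NtSetContextThread"}
RESUME_APIS = {"ResumeThread", "NtResumeThread"}


@dataclass
class Call:
    caller_pid: int
    api: str
    args: Dict[str, int] = field(default_factory=dict)


@dataclass
class TargetState:
    suspended_create: bool = False
    wrote_memory: bool = False
    set_context: bool = False


def detect_injection(trace: List[Call]) -> Dict[int, str]:
    """Return target PIDs whose thread context was replaced after memory was
    written into them and that were then resumed. The label records whether
    the target was also created suspended (hollowing) or not (context hijack
    of an existing or self process)."""
    states: Dict[int, TargetState] = {}
    verdicts: Dict[int, str] = {}
    for call in trace:
        # Cross-process APIs carry the target; otherwise the caller acts on itself.
        target = call.args.get("target_pid", call.caller_pid)
        st = states.setdefault(target, TargetState())
        if call.api in CREATE_APIS and call.args.get("flags", 0) & CREATE_SUSPENDED:
            st.suspended_create = True
        elif call.api in WRITE_APIS:
            st.wrote_memory = True
        elif call.api in CONTEXT_APIS and st.wrote_memory:
            # A debugger also sets thread context; the prior write is the tell.
            st.set_context = True
        elif call.api in RESUME_APIS and st.set_context and target not in verdicts:
            verdicts[target] = ("process hollowing" if st.suspended_create
                                else "context hijack without suspended create")
    return verdicts


# Constructed trace (not from the report): one hollowing chain, one
# self-injection chain, and one debugger-style SetThreadContext with no write.
TRACE = [
    Call(1200, "CreateProcessW", {"target_pid": 1340, "flags": CREATE_SUSPENDED}),
    Call(1200, "NtUnmapViewOfSection", {"target_pid": 1340}),
    Call(1200, "WriteProcessMemory", {"target_pid": 1340}),
    Call(1200, "SetThreadContext", {"target_pid": 1340}),
    Call(1200, "ResumeThread", {"target_pid": 1340}),
    Call(3000, "NtWriteVirtualMemory"),
    Call(3000, "NtSetContextThread"),
    Call(3000, "NtResumeThread"),
    Call(2000, "SetThreadContext", {"target_pid": 2100}),
    Call(2000, "ResumeThread", {"target_pid": 2100}),
]

if __name__ == "__main__":
    for pid, verdict in detect_injection(TRACE).items():
        print(f"pid {pid}: {verdict}")
```

The debugger-style pair for PID 2100 produces no verdict because nothing was written into the target first; that is the distinction a "suspicious use" signature has to draw to avoid flagging every SetThreadContext caller.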