Resubmissions
Date | Sample | Score
15/06/2024, 11:23 | 240615-nhcx2aydmb | 1
15/06/2024, 11:22 | 240615-ng1byaydke | 1
15/06/2024, 11:16 | 240615-ndewtsscnq | 10
14/06/2024, 17:58 | 240614-wkcn2svbrk | 10
14/06/2024, 17:57 | 240614-wjtaeavbpj | 1
14/06/2024, 17:56 | 240614-wh8npsvbnj | 1
14/06/2024, 17:55 | 240614-whjdtavblj | 1
14/06/2024, 16:38 | 240614-t5wxbaycqb | 10
14/06/2024, 16:38 | 240614-t5hppaycpe | 1
14/06/2024, 16:37 | 240614-t42feaycne | 1
General
Target
http://p1t.fun/?l=1031
Sample
240615-ndewtsscnq
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://p1t.fun/?l=1031
Resource
win11-20240611-en
16 signatures
600 seconds
Malware Config
Extracted
Family
redline
Botnet
1467997772
C2
https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/id/993846634744/
Targets
Target
http://p1t.fun/?l=1031
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext