General
- Target: a591d3d035cf90395ad1078a415a46b5b44dd813496291b702fe36cfb22dee36.exe
- Size: 1.0MB
- Sample: 240629-b3hb2a1dmm
- MD5: 464709f3215d06f6703eb4ecb607ae7a
- SHA1: 1f438f2ab699f842cec119981ae5bf799df5d203
- SHA256: a591d3d035cf90395ad1078a415a46b5b44dd813496291b702fe36cfb22dee36
- SHA512: 007b3d6c7da18c9d8b31991520d18fa2ee323cf8b4d8ea153d74cf93d5bfb38df79bc65a968cc6e07c996c451f0f1c8b2a0b9f0529a6b67ca148cc27adf1eda9
- SSDEEP: 24576:3AHnh+eWsN3skA4RV1Hom2KXMmHaeAfg3sujtg5:qh+ZkldoPK8YaeAfTYg
Static task
- static1

Behavioral task
- behavioral1
  - Sample: a591d3d035cf90395ad1078a415a46b5b44dd813496291b702fe36cfb22dee36.exe
  - Resource: win7-20240611-en

Behavioral task
- behavioral2
  - Sample: a591d3d035cf90395ad1078a415a46b5b44dd813496291b702fe36cfb22dee36.exe
  - Resource: win10v2004-20240508-en
Malware Config
- Extracted
  - Family: redline
  - Botnet: wordfile
  - C2: 185.38.142.10:7474
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Detect binaries embedding considerable number of cryptocurrency wallet browser extension IDs.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext