General
Target: fc5de864885dd6356c2fc91cff867efa50dd75856b26d41cb27194c8c0780ac2
Size: 265KB
Sample: 241113-nxnm3s1elb
MD5: 50ca49634420336958ce73629d9a2cf6
SHA1: 9653e0449a18dbdb8af685f6b16b055cea530139
SHA256: fc5de864885dd6356c2fc91cff867efa50dd75856b26d41cb27194c8c0780ac2
SHA512: 1839501ba5a1554c97efa99493b565b8780c403750f9a46ad3fee7f8a2073f0bebc54aa79865a3cea13a43c17d58665bd85e0ba2a8e9ba369ea34e0aebdce009
SSDEEP: 6144:r0VLG6ytpg56d+Qa5BLhlEpZeVtveyqyC50G7hxWaZiHG6V:yLGNpEvnr+pZeVgyqyCPlsscG6V
Static task: static1
Behavioral task: behavioral1
  Sample: fc5de864885dd6356c2fc91cff867efa50dd75856b26d41cb27194c8c0780ac2.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: fc5de864885dd6356c2fc91cff867efa50dd75856b26d41cb27194c8c0780ac2.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: fc5de864885dd6356c2fc91cff867efa50dd75856b26d41cb27194c8c0780ac2
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext