General
Target: 717a77357b194172da9212b29de15aa4405c3503dedddc2457dc97e196aedb93
Size: 880KB
Sample: 241217-rn847ssmdr
MD5: 1edaba9f8d91ad001893722fe5c3ec3b
SHA1: 1bc10e6c9ba39c6dcce671e83479db4c22c3d00a
SHA256: 717a77357b194172da9212b29de15aa4405c3503dedddc2457dc97e196aedb93
SHA512: 4a050691f669fc3285da0dd8a01c7c2243cc969e84539e5df337860b5f07c34026708d4bc8bb6982abfcec5b5471f493c94b24b1e94af6a66af37c67181e9758
SSDEEP: 24576:tMaciw+uNtabUA/F9bXtFRF+z84My9GrkiTVqgooDmMV:tRciw+uibUKZ9FRM8QsjD9V
Static task: static1
Behavioral task: behavioral1
Sample: 717a77357b194172da9212b29de15aa4405c3503dedddc2457dc97e196aedb93.exe
Resource: win7-20240903-en
Malware Config
Extracted
Family: redline
Botnet: LOGS
C2: 87.120.120.86:1912
Targets
Target: 717a77357b194172da9212b29de15aa4405c3503dedddc2457dc97e196aedb93
Size: 880KB
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (Software\Microsoft\Windows\CurrentVersion\Uninstall under HKLM and HKCU) to enumerate the software installed on the system.
- Suspicious use of SetThreadContext: SetThreadContext rewrites a thread's saved register state; when the thread belongs to another process, this is the characteristic step of process hollowing and similar code-injection techniques, so the call is flagged.
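The indicators in this report (the extracted C2 endpoint, the Uninstall-key enumeration and the cross-process SetThreadContext call) can be turned into matching logic over a sandbox or EDR trace. The following is an added example, not part of the Triage report or of RedLine itself: the event records are a constructed, simplified stand-in for a sandbox API/registry/network log, and the field names ("type", "api", "pid", "target_pid", "dst", "dport", "path") are assumptions about that format. The hollowing check goes beyond the single signature on the page and looks for the WriteProcessMemory, SetThreadContext, ResumeThread order against one foreign process.

```python
"""Match constructed sandbox-style events against the indicators in this report.

Added example: not part of the Triage report or of RedLine. The event
records below are a constructed, simplified stand-in for a sandbox's
API/registry/network trace; their field names are assumptions.
"""

# Indicators copied from the report.
C2_HOST = "87.120.120.86"
C2_PORT = 1912
SAMPLE_SHA256 = "717a77357b194172da9212b29de15aa4405c3503dedddc2457dc97e196aedb93"

# Registry path fragment behind "Checks installed software on the system"
# (matches the HKLM and HKCU variants after lower-casing).
UNINSTALL_KEY = "\\microsoft\\windows\\currentversion\\uninstall"

# Constructed trace, not real sandbox output. pid 1204 is the dropper,
# pid 1300 the suspended child it hollows.
EVENTS = [
    {"type": "api", "pid": 1204, "api": "CreateProcessW", "target_pid": 1300,
     "args": {"flags": "CREATE_SUSPENDED"}},
    {"type": "api", "pid": 1204, "api": "WriteProcessMemory", "target_pid": 1300},
    {"type": "api", "pid": 1204, "api": "SetThreadContext", "target_pid": 1300},
    {"type": "api", "pid": 1204, "api": "ResumeThread", "target_pid": 1300},
    {"type": "registry", "pid": 1300, "op": "QueryValue",
     "path": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\ExampleApp\\DisplayName"},
    {"type": "registry", "pid": 1300, "op": "QueryValue",
     "path": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run"},
    {"type": "network", "pid": 1300, "dst": "87.120.120.86", "dport": 1912, "proto": "tcp"},
    {"type": "network", "pid": 1300, "dst": "13.107.4.50", "dport": 80, "proto": "tcp"},
    # A process touching its own thread is not the suspicious case.
    {"type": "api", "pid": 1204, "api": "SetThreadContext", "target_pid": 1204},
]


def is_known_sample(sha256_hex):
    """True when a SHA-256 (any case) is the sample this report describes."""
    return sha256_hex.strip().lower() == SAMPLE_SHA256


def classify(events):
    """Return one hit per event that matches a report signature or the C2."""
    hits = []
    for ev in events:
        kind = ev.get("type")
        if kind == "network":
            if ev.get("dst") == C2_HOST and ev.get("dport") == C2_PORT:
                hits.append({"signature": "RedLine C2 contact", "pid": ev["pid"],
                             "detail": f"{ev['dst']}:{ev['dport']}"})
        elif kind == "registry":
            path = ev.get("path", "")
            if UNINSTALL_KEY in path.lower():
                hits.append({"signature": "Checks installed software on the system",
                             "pid": ev["pid"], "detail": path})
        elif kind == "api" and ev.get("api") == "SetThreadContext":
            # Rewriting a thread's context inside another process is the
            # suspicious case; a process adjusting its own threads is skipped.
            if ev.get("target_pid") != ev.get("pid"):
                hits.append({"signature": "Suspicious use of SetThreadContext",
                             "pid": ev["pid"], "detail": f"target pid {ev['target_pid']}"})
    return hits


def hollowing_chains(events):
    """(source_pid, target_pid) pairs that complete write -> SetThreadContext -> resume
    against a foreign process, in trace order."""
    order = ["WriteProcessMemory", "SetThreadContext", "ResumeThread"]
    stage = {}   # (src, dst) -> index of the next expected call
    done = []
    for ev in events:
        if ev.get("type") != "api" or ev.get("api") not in order:
            continue
        src, dst = ev.get("pid"), ev.get("target_pid")
        if dst is None or src == dst:
            continue
        key = (src, dst)
        expected = stage.get(key, 0)
        if order.index(ev["api"]) == expected:
            stage[key] = expected + 1
            if stage[key] == len(order) and key not in done:
                done.append(key)
    return done


if __name__ == "__main__":
    for hit in classify(EVENTS):
        print(f"pid {hit['pid']}: {hit['signature']} ({hit['detail']})")
    print("hollowing chains:", hollowing_chains(EVENTS))
```

The chain check deliberately requires the three calls in order for the same (source, target) pair; a SetThreadContext hit on its own is reported separately so that a trace missing WriteProcessMemory (for example, when the sandbox hooked a different write primitive) still surfaces the signature the report lists.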