General
-
Target
533e2a477734c51c894f95335b5af00ddbc32af0b15d5173cb49f52df01a9f88.exe
-
Size
1.5MB
-
Sample
240701-qxyjdsyalj
-
MD5
cb98320171d36e2b913c56a4cddfad44
-
SHA1
d9d8c535906d83f2de73759af8739d2985fdf7dd
-
SHA256
533e2a477734c51c894f95335b5af00ddbc32af0b15d5173cb49f52df01a9f88
-
SHA512
ef1508144094073ce3a6ce18caabcbb5d9405b9a594439672411974e090c4f4be4bdb9c6cf7a99ecbb802dc284fb40dcea20e197593b9bc2d1bd0de3e7e7b429
-
SSDEEP
49152:6y55n15t6mWD/+oI9Z9rqyI44HppuzGxHH8Boz:F5DjoqZ92yVG/uzGNc
Static task
static1
Behavioral task
behavioral1
Sample
533e2a477734c51c894f95335b5af00ddbc32af0b15d5173cb49f52df01a9f88.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
533e2a477734c51c894f95335b5af00ddbc32af0b15d5173cb49f52df01a9f88.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
redline
@skayoker38
94.228.166.68:80
Targets
-
-
Target
533e2a477734c51c894f95335b5af00ddbc32af0b15d5173cb49f52df01a9f88.exe
-
Size
1.5MB
-
MD5
cb98320171d36e2b913c56a4cddfad44
-
SHA1
d9d8c535906d83f2de73759af8739d2985fdf7dd
-
SHA256
533e2a477734c51c894f95335b5af00ddbc32af0b15d5173cb49f52df01a9f88
-
SHA512
ef1508144094073ce3a6ce18caabcbb5d9405b9a594439672411974e090c4f4be4bdb9c6cf7a99ecbb802dc284fb40dcea20e197593b9bc2d1bd0de3e7e7b429
-
SSDEEP
49152:6y55n15t6mWD/+oI9Z9rqyI44HppuzGxHH8Boz:F5DjoqZ92yVG/uzGNc
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-