General
-
Target
a8ddfd500b85b492652631e7a2d2fca7.exe
-
Size
315KB
-
Sample
210421-54qr46f8ba
-
MD5
a8ddfd500b85b492652631e7a2d2fca7
-
SHA1
346f7f9edcaabec31a9327e979adf63fcccaaf5b
-
SHA256
f3ec960fde547dac872a3fe8ee59c3beb063457673fcf50480e20c886c7f17fa
-
SHA512
8db5be60202afad51e2664481b7aa114a55561625c805a039c5bda4434e881f3b63365e7bdc0242290ba6888e0c2ee2a2aa184da759c324dc6561a13226ae5e7
Static task
static1
Behavioral task
behavioral1
Sample
a8ddfd500b85b492652631e7a2d2fca7.exe
Resource
win7v20210408
Malware Config
Extracted
redline
118
bumblebee2021.store:80
trusmileveneers.store:80
lazerprojekt.store:80
Targets
-
-
Target
a8ddfd500b85b492652631e7a2d2fca7.exe
-
Size
315KB
-
MD5
a8ddfd500b85b492652631e7a2d2fca7
-
SHA1
346f7f9edcaabec31a9327e979adf63fcccaaf5b
-
SHA256
f3ec960fde547dac872a3fe8ee59c3beb063457673fcf50480e20c886c7f17fa
-
SHA512
8db5be60202afad51e2664481b7aa114a55561625c805a039c5bda4434e881f3b63365e7bdc0242290ba6888e0c2ee2a2aa184da759c324dc6561a13226ae5e7
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-