General
Target: 4aba7c5ae93f45e5d6a7187e84466102.exe
Size: 314KB
Sample: 210421-hanmbtgrlx
MD5: 4aba7c5ae93f45e5d6a7187e84466102
SHA1: 22f0b3f271d7934c7289a2159099ee3a11c789ce
SHA256: 2efb4d4bb7e9141474ee5ae3f8c40274c5ab675b33836ac31a8ec554dd76a9bf
SHA512: e72b6c7a4162020338146088c93a7534de6a861fb3dfa70c5127d1c234ae07510d4bde54d48ad01197b457c41e5a184606136916e44b3f89b54e767df3fe6734

Static task: static1
Behavioral task: behavioral1
Sample: 4aba7c5ae93f45e5d6a7187e84466102.exe
Resource: win7v20210408

Malware Config
Extracted family: redline
Botnet: 118
C2:
bumblebee2021.store:80
trusmileveneers.store:80
lazerprojekt.store:80
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.