General
-
Target
7a8db408f5edd590e2b11ca0a797b23d.exe
-
Size
353KB
-
Sample
210421-skfm1gsm6a
-
MD5
7a8db408f5edd590e2b11ca0a797b23d
-
SHA1
d78388471347f18d4d6e725a9a632d1b591b68e0
-
SHA256
425070c98bc33758009a547dff0b6ada696f791501a11f8b40f5f6686e518545
-
SHA512
65ee0c42be4d1206af0ad9456041736d7456aa8a3a4b2b01b1dfdd5869f124181079e00c17ae483e9590436843a846aaacb3b8a4ec82cd20a19315590084157e
Static task
static1
Behavioral task
behavioral1
Sample
7a8db408f5edd590e2b11ca0a797b23d.exe
Resource
win7v20210410
Malware Config
Extracted
redline
118
bumblebee2021.store:80
trusmileveneers.store:80
lazerprojekt.store:80
Targets
-
-
Target
7a8db408f5edd590e2b11ca0a797b23d.exe
-
Size
353KB
-
MD5
7a8db408f5edd590e2b11ca0a797b23d
-
SHA1
d78388471347f18d4d6e725a9a632d1b591b68e0
-
SHA256
425070c98bc33758009a547dff0b6ada696f791501a11f8b40f5f6686e518545
-
SHA512
65ee0c42be4d1206af0ad9456041736d7456aa8a3a4b2b01b1dfdd5869f124181079e00c17ae483e9590436843a846aaacb3b8a4ec82cd20a19315590084157e
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-