General
-
Target
b6d6b7b618047b4dbe1221f14d81d9b6ea8013aa981bcb3a4723848b41627d28
-
Size
4.0MB
-
Sample
210505-rmx1lhce8a
-
MD5
ee10252b6111c702bb6abfcaf9f5ab42
-
SHA1
d0d0ced5a321fe3dfd390604a69c0d4747ec1ee8
-
SHA256
b6d6b7b618047b4dbe1221f14d81d9b6ea8013aa981bcb3a4723848b41627d28
-
SHA512
41771f8e5d4653e62af9e745d20bf56413ed2f3d4a32effcbfbdf4d38dbec95e6dc0d2fef950fbf5acdf2d9ff5d441005c3df9e0a58a6a9a9c9a5db299aa7ffd
Static task
static1
Behavioral task
behavioral1
Sample
b6d6b7b618047b4dbe1221f14d81d9b6ea8013aa981bcb3a4723848b41627d28.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
b6d6b7b618047b4dbe1221f14d81d9b6ea8013aa981bcb3a4723848b41627d28.exe
Resource
win10v20210410
Malware Config
Extracted
redline
acrobatt_ads_emu
94.232.44.45:35200
Targets
Target
b6d6b7b618047b4dbe1221f14d81d9b6ea8013aa981bcb3a4723848b41627d28
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-