General
-
Target
a9bbb6b83cc3d2aa7d25422179a82d7ecb2c84f41b6ad.exe
-
Size
406KB
-
Sample
210611-lfzym53rns
-
MD5
2b862c6350557bc32519e55f14a1e3a7
-
SHA1
21b80c4e66a260cbf2d1b357e1300517f39d9619
-
SHA256
a9bbb6b83cc3d2aa7d25422179a82d7ecb2c84f41b6ad1067aa46883446900d9
-
SHA512
f866efc2641079ccb1ef89e1254935ba0bf80f26943442111af865468dae88f731b2f0884f75957496f3ae4576b97788d8a26efc3fff7bc13ad92251aa8a0356
Static task
static1
Behavioral task
behavioral1
Sample
a9bbb6b83cc3d2aa7d25422179a82d7ecb2c84f41b6ad.exe
Resource
win7v20210410
Malware Config
Extracted
redline
test
qurigoraka.xyz:80
Targets
-
-
Target
a9bbb6b83cc3d2aa7d25422179a82d7ecb2c84f41b6ad.exe
-
Size
406KB
-
MD5
2b862c6350557bc32519e55f14a1e3a7
-
SHA1
21b80c4e66a260cbf2d1b357e1300517f39d9619
-
SHA256
a9bbb6b83cc3d2aa7d25422179a82d7ecb2c84f41b6ad1067aa46883446900d9
-
SHA512
f866efc2641079ccb1ef89e1254935ba0bf80f26943442111af865468dae88f731b2f0884f75957496f3ae4576b97788d8a26efc3fff7bc13ad92251aa8a0356
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-