General

Target: aab7b335612bb27d5aa1ab2b00e1a452.exe
Size: 380KB
Sample: 210611-lmjkjz4ljn
MD5: aab7b335612bb27d5aa1ab2b00e1a452
SHA1: 51e2d101c5b0d68cc206bfe9de9a4b7666cbd712
SHA256: b9e2a41e63b1886285d2617ad4f820db9ff5d1133b47e90b52368d3b87333684
SHA512: f7ecb851eca0410201391dcb28b128836e4b3eb244aec47b8f7531ce392711b92127673b424b7a16d0e4bc6712f1a2d19e80eed73f4a6883f97cdcd360313c47
Static task: static1
Behavioral task: behavioral1
Sample: aab7b335612bb27d5aa1ab2b00e1a452.exe
Resource: win7v20210410
Malware Config

Extracted
Family: redline
Botnet: mix2
C2: 194.156.67.100:48883
Targets

Target: aab7b335612bb27d5aa1ab2b00e1a452.exe
Size: 380KB
MD5: aab7b335612bb27d5aa1ab2b00e1a452
SHA1: 51e2d101c5b0d68cc206bfe9de9a4b7666cbd712
SHA256: b9e2a41e63b1886285d2617ad4f820db9ff5d1133b47e90b52368d3b87333684
SHA512: f7ecb851eca0410201391dcb28b128836e4b3eb244aec47b8f7531ce392711b92127673b424b7a16d0e4bc6712f1a2d19e80eed73f4a6883f97cdcd360313c47
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Enumerates the per-product subkeys under the registry's Uninstall key (HKLM and HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, including the WOW6432Node view on 64-bit Windows) to build an inventory of the software on the system.
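The behaviours the signatures and the extracted config above describe, turned into host-side detections as an added example that is not part of this report or of the sandbox's own rules. It runs three checks over constructed, Sysmon-like event records: a connection to the extracted C2, a process walking the Uninstall key, and access to wallet files. The C2 address and the Uninstall key location come from the report; the event record shape, the wallet paths matched and the enumeration threshold are assumptions made for the example.

```python
import re
from collections import defaultdict

SAMPLE = "aab7b335612bb27d5aa1ab2b00e1a452.exe"

# C2 endpoint from the report's extracted RedLine config (botnet "mix2").
REDLINE_C2 = {("194.156.67.100", 48883)}

# Per-product subkeys under ...\CurrentVersion\Uninstall (any hive or
# WOW6432Node view). Group 1 is the product subkey, with or without a
# trailing value name such as DisplayName.
UNINSTALL_SUBKEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)(?:\\[^\\]+)?$",
    re.IGNORECASE)

# ASSUMPTION: wallet locations chosen for illustration only. The report says
# the sample accesses cryptocurrency files/wallets but names no paths.
WALLET_PATH_RE = re.compile(
    r"\\AppData\\(Roaming\\(Exodus|Electrum)|Local\\Coinomi)\\", re.IGNORECASE)


def ev(pid, image, kind, **fields):
    """Build one constructed event record (Sysmon-like shape, an assumption)."""
    return {"pid": pid, "image": image, "type": kind, **fields}


# Constructed telemetry, not captured from the sandbox run.
EVENTS = [
    ev(1337, SAMPLE, "net", dst="194.156.67.100", port=48883),
    ev(1337, SAMPLE, "file",
       path=r"C:\Users\u\AppData\Roaming\Exodus\exodus.wallet\seed.seco"),
    ev(2020, "msiexec.exe", "reg",
       path=r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ABCD}"),
    ev(2020, "msiexec.exe", "net", dst="194.156.67.100", port=443),
    ev(3003, "chrome.exe", "net", dst="203.0.113.5", port=443),
]
# The stealer walking six product subkeys, reading DisplayName under the first.
EVENTS += [
    ev(1337, SAMPLE, "reg",
       path=rf"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Product{i}")
    for i in range(6)
]
EVENTS.append(ev(1337, SAMPLE, "reg",
    path=r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Product0\DisplayName"))


def detect_c2(events):
    """Flag connections to the extracted C2. An ip:port match is high
    confidence; the same host on another port is reported at lower confidence."""
    hits = []
    c2_ips = {ip for ip, _ in REDLINE_C2}
    for e in events:
        if e["type"] != "net":
            continue
        if (e["dst"], e["port"]) in REDLINE_C2:
            hits.append((e["pid"], "high", f"{e['dst']}:{e['port']}"))
        elif e["dst"] in c2_ips:
            hits.append((e["pid"], "medium", f"{e['dst']}:{e['port']}"))
    return hits


def detect_uninstall_enum(events, threshold=5):
    """Flag a process that reads at least `threshold` distinct product subkeys
    under the Uninstall key. One read is normal installer behaviour; walking
    the whole key is software inventory collection."""
    subkeys, image = defaultdict(set), {}
    for e in events:
        if e["type"] != "reg":
            continue
        m = UNINSTALL_SUBKEY_RE.search(e["path"])
        if m:
            subkeys[e["pid"]].add(m.group(1).lower())
            image[e["pid"]] = e["image"]
    return [(pid, image[pid], len(keys))
            for pid, keys in subkeys.items() if len(keys) >= threshold]


def detect_wallet_access(events):
    """Flag file events on the (assumed) wallet paths."""
    return [(e["pid"], e["path"]) for e in events
            if e["type"] == "file" and WALLET_PATH_RE.search(e["path"])]


def triage(events):
    """Run all three checks and return the hits per rule."""
    return {"c2": detect_c2(events),
            "software_enum": detect_uninstall_enum(events),
            "wallet_access": detect_wallet_access(events)}


if __name__ == "__main__":
    for rule, hits in triage(EVENTS).items():
        print(rule, hits)
```

Reading the Uninstall key is not suspicious on its own: installers, update agents and inventory tools all touch it, which is why the rule counts distinct product subkeys per process instead of alerting on the first read. The C2 check keys on the full ip:port pair from the config and reports an IP-only match separately, since a stealer's hosting box can change ports between builds or serve unrelated traffic.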