General
Target: 63f1959b30ea4591bb0b2f5961b36850.exe
Size: 321KB
Sample: 210722-rxxa3h5c6s
MD5: 63f1959b30ea4591bb0b2f5961b36850
SHA1: 26c0c9c14a48b61971d528c98906cb79c68936c4
SHA256: f6ae1e90093fda0271db6d607a78af61c437253c3edd42019daf274c5369b8cb
SHA512: 4d1de859652c321a2f14115debc049f2a17f8bd99b3a05e4c64edce40ca34f66930429478414645c7055d97c0822b67804998fe94e835db2aaeda1de836ee186
Static task: static1
Behavioral task: behavioral1
Sample: 63f1959b30ea4591bb0b2f5961b36850.exe
Resource: win7v20210410
Malware Config
Extracted
Family: redline
Botnet: MIX 22.07
C2: 185.215.113.17:18597
Targets
Target: 63f1959b30ea4591bb0b2f5961b36850.exe
Size: 321KB
MD5: 63f1959b30ea4591bb0b2f5961b36850
SHA1: 26c0c9c14a48b61971d528c98906cb79c68936c4
SHA256: f6ae1e90093fda0271db6d607a78af61c437253c3edd42019daf274c5369b8cb
SHA512: 4d1de859652c321a2f14115debc049f2a17f8bd99b3a05e4c64edce40ca34f66930429478414645c7055d97c0822b67804998fe94e835db2aaeda1de836ee186
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, and its WOW6432Node counterpart on 64-bit hosts) to enumerate the software installed on the system.
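The report yields two host-observable indicators: the extracted C2 endpoint 185.215.113.17:18597 and the burst of registry reads under the Uninstall key that the "Checks installed software" signature describes. The following is an added detection sketch, not part of the report and not code from the sandbox vendor or the RedLine authors. It runs over constructed telemetry lines in a hypothetical key=value format (the `type`, `pid`, `image`, `key`, `dst_ip`, `dst_port`, `sha256` field names are assumptions, chosen to resemble Sysmon Event ID 3 and registry object-access auditing; note that Sysmon itself does not log registry reads, so the key-read lines would in practice come from audit event 4663 or an ETW registry trace). It matches the sample hash, the C2 connection, and flags a process that walks several distinct Uninstall subkeys inside a short window while leaving a single installer read alone.

```python
"""Added detection sketch for the RedLine report above (not the report's own code)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Indicators taken directly from the sandbox report.
REDLINE_C2_IP = "185.215.113.17"
REDLINE_C2_PORT = 18597
SAMPLE_SHA256 = "f6ae1e90093fda0271db6d607a78af61c437253c3edd42019daf274c5369b8cb"

# One subkey per installed product lives under this path (plus WOW6432Node on x64).
UNINSTALL_RE = re.compile(
    r"\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)

# Constructed telemetry (assumed key=value format, not real logs): the sample
# reads six Uninstall entries in two seconds and then connects to the C2;
# msiexec reads one entry and svchost talks to an unrelated host.
SAMPLE_IMAGE = r"C:\Users\victim\Desktop\63f1959b30ea4591bb0b2f5961b36850.exe"
SAMPLE_LOG = r"""
ts=2021-07-22T10:15:00 type=process pid=4120 image=C:\Users\victim\Desktop\63f1959b30ea4591bb0b2f5961b36850.exe sha256=f6ae1e90093fda0271db6d607a78af61c437253c3edd42019daf274c5369b8cb
ts=2021-07-22T10:15:01 type=registry pid=4120 image=C:\Users\victim\Desktop\63f1959b30ea4591bb0b2f5961b36850.exe key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
ts=2021-07-22T10:15:01 type=registry pid=4120 image=C:\Users\victim\Desktop\63f1959b30ea4591bb0b2f5961b36850.exe key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
ts=2021-07-22T10:15:01 type=registry pid=4120 image=C:\Users\victim\Desktop\63f1959b30ea4591bb0b2f5961b36850.exe key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC
ts=2021-07-22T10:15:02 type=registry pid=4120 image=C:\Users\victim\Desktop\63f1959b30ea4591bb0b2f5961b36850.exe key=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla-Firefox
ts=2021-07-22T10:15:02 type=registry pid=4120 image=C:\Users\victim\Desktop\63f1959b30ea4591bb0b2f5961b36850.exe key=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Python-3.9
ts=2021-07-22T10:15:02 type=registry pid=4120 image=C:\Users\victim\Desktop\63f1959b30ea4591bb0b2f5961b36850.exe key=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Git
ts=2021-07-22T10:15:04 type=network pid=4120 image=C:\Users\victim\Desktop\63f1959b30ea4591bb0b2f5961b36850.exe dst_ip=185.215.113.17 dst_port=18597
ts=2021-07-22T10:16:30 type=registry pid=880 image=C:\Windows\System32\msiexec.exe key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ExampleProduct
ts=2021-07-22T10:16:31 type=network pid=2200 image=C:\Windows\System32\svchost.exe dst_ip=203.0.113.10 dst_port=443
"""


def parse_line(line):
    """Split one 'k=v k=v ...' line into a dict; the ts field becomes a datetime."""
    fields = {}
    for token in line.split():
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    fields["ts"] = datetime.fromisoformat(fields["ts"])
    return fields


def parse_log(text):
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def find_known_sample(events, sha256=SAMPLE_SHA256):
    """(pid, image) of every process-create event whose hash matches the report."""
    return [(e["pid"], e["image"]) for e in events
            if e["type"] == "process" and e.get("sha256", "").lower() == sha256]


def find_c2_connections(events, ip=REDLINE_C2_IP, port=REDLINE_C2_PORT):
    """(pid, image) of every outbound connection to the extracted C2 endpoint."""
    return [(e["pid"], e["image"]) for e in events
            if e["type"] == "network" and e["dst_ip"] == ip and int(e["dst_port"]) == port]


def find_uninstall_enumeration(events, min_keys=4, window=timedelta(seconds=10)):
    """Flag pids that read >= min_keys distinct Uninstall subkeys within `window`.

    A single read is routine (installers, updaters); walking many entries in a
    burst is the software-inventory behaviour the report's signature describes.
    Returns {pid: (image, distinct_keys_in_window)}.
    """
    reads_by_pid = defaultdict(list)
    for e in events:
        if e["type"] != "registry":
            continue
        m = UNINSTALL_RE.search(e["key"])
        if m:
            reads_by_pid[e["pid"]].append((e["ts"], m.group(1).lower(), e["image"]))

    flagged = {}
    for pid, reads in reads_by_pid.items():
        reads.sort()  # chronological, so each window only needs to look forward
        for i, (t0, _, image) in enumerate(reads):
            keys = {k for t, k, _ in reads[i:] if t - t0 <= window}
            if len(keys) >= min_keys:
                flagged[pid] = (image, len(keys))
                break
    return flagged


def triage(text):
    """Run all three checks over a telemetry blob and return the findings."""
    events = parse_log(text)
    return {
        "known_sample": find_known_sample(events),
        "c2": find_c2_connections(events),
        "uninstall_enum": find_uninstall_enumeration(events),
    }


if __name__ == "__main__":
    for name, hits in triage(SAMPLE_LOG).items():
        print(f"{name}: {hits}")
```

The enumeration threshold is a tuning knob: four distinct subkeys in ten seconds separates the stealer's inventory sweep from a single installer lookup in this constructed data, but real fleets will have legitimate inventory agents that do the same thing and need an allow-list on `image`.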