General
Target: REVENGE_TOOl.exe
Size: 96KB
Sample: 210727-g9x46qld16
MD5: 28f72fb108389f9638288e138f3e9dd6
SHA1: a48018ebb6e72560d9802d27ee770acc419d0eb8
SHA256: b74622825097140b74e41ec4b76dfc0afa913c087ed259404f6cda2395c2d3c6
SHA512: ccabdfd642803714aa725e206d05b7b73e51ef2922e177baba58e109220ca7f5afe47aaf01d85a64f0031e63a1ea0f6a5754551cbcdea29b96fda36bd9e8ee35
Behavioral task: behavioral1
Sample: REVENGE_TOOl.exe
Resource: win10v20210408
Malware Config
Extracted: redline
@i0fex
193.38.235.12:29867
Targets
Target: REVENGE_TOOl.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.