General
- Target: 7021cbf39452b83c63c57bbf706f9a9e
- Size: 344KB
- Sample: 210823-mc8cnczban
- MD5: 7021cbf39452b83c63c57bbf706f9a9e
- SHA1: 414a61b96e04762d02e6ab60095ca8845017908f
- SHA256: 8f308760b57ddfb34fbbcd49563b3056dabdb589d1999265bc8952453c36d261
- SHA512: 706463bcc47237c4c8f16080780e925ad491b49dc77cdf0cbc1be5bb55eebae566f71093e125abb95d3d9125af9274109a349b761ba4fa61a97a042ba04fff1d
Static task: static1
Behavioral task: behavioral1
- Sample: 7021cbf39452b83c63c57bbf706f9a9e.exe
- Resource: win7v20210410
Malware Config
- Extracted: redline
- UPD
- 193.56.146.78:54955
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.