General
- Target: 73ca4c10afa6a3f712facb40aa8254ae
- Size: 359KB
- Sample: 210824-yhhvywacv6
- MD5: 73ca4c10afa6a3f712facb40aa8254ae
- SHA1: ad824606d6c465a46296b736e8fa116bb67309a3
- SHA256: d8f723849493f85b6bd44cf8b94261f30ff26fa3080d5e53b537a5eacfdd873d
- SHA512: 9c71e25022b678025a0465c8b5e92f99f2a957c4c3601b6e1617c48e19881e36da94c3ac87d6b05a6116088137be69fc67e61cbd8eac9dc8da26bbde571de907

Static task
- static1

Behavioral task
- behavioral1
- Sample: 73ca4c10afa6a3f712facb40aa8254ae.exe
- Resource: win7v20210408

Malware Config
- Extracted: redline (build2)
- C2: 91.142.77.189:61524
Targets
- Target: 73ca4c10afa6a3f712facb40aa8254ae (hashes and size as listed under General)
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.