General
Target: 593a20557bc4f2e48090138ac3780b32
Size: 291KB
Sample: 210913-swwphshahm
MD5: 593a20557bc4f2e48090138ac3780b32
SHA1: a570a1e1c270f4dde80689e600473f47fef6c985
SHA256: 4965e6e224897f69fa884aded52e0dd664bc21f16a0733bd01f733dee66868e8
SHA512: 1cf75da34b1b1b5e78de3d2a44a9a01f127ab35197b6cb6debd6212d8f6b2e492bd5d9babfb6ae0123306c306a82f7e75be6466da110ae1983048d786d5dad89

Static task: static1
Behavioral task: behavioral1
Sample: 593a20557bc4f2e48090138ac3780b32.exe
Resource: win7-en

Malware Config
Extracted
Family: redline
Botnet: 1309
C2: 95.217.77.23:53845
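The extracted configuration above is only useful once it is turned into something a SOC can deploy. The following is an added example, not Triage's own tooling: it parses the report text as it appears on this page (the REPORT string is a constructed copy of the page's lines), validates the hash lengths and the C2 address, and emits a Suricata rule for the C2 endpoint. The rule's sid base is a hypothetical local-rules value; everything else comes from the page.

```python
"""Turn a Triage-style RedLine report into checked IOCs and a Suricata rule.

Added example; not part of the original report or of Triage.
"""
import ipaddress
import re
from dataclasses import dataclass, field

# Constructed copy of the key lines of the report on this page.
REPORT = """\
General
Target
593a20557bc4f2e48090138ac3780b32
Size
291KB
Sample
210913-swwphshahm
MD5
593a20557bc4f2e48090138ac3780b32
SHA1
a570a1e1c270f4dde80689e600473f47fef6c985
SHA256
4965e6e224897f69fa884aded52e0dd664bc21f16a0733bd01f733dee66868e8
SHA512
1cf75da34b1b1b5e78de3d2a44a9a01f127ab35197b6cb6debd6212d8f6b2e492bd5d9babfb6ae0123306c306a82f7e75be6466da110ae1983048d786d5dad89
Malware Config
Extracted
redline
1309
95.217.77.23:53845
"""

HASH_LENGTHS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}


@dataclass
class Report:
    target: str = ""
    hashes: dict = field(default_factory=dict)   # algorithm -> lowercase hex digest
    family: str = ""
    botnet: str = ""
    c2: list = field(default_factory=list)       # list of (ip, port)


def parse_report(text: str) -> Report:
    """Parse the key/value-on-alternate-lines layout used by the page."""
    lines = [ln.strip() for ln in text.splitlines()]
    lines = [ln for ln in lines if ln and ln != "-"]   # drop empty lines and list bullets
    rep = Report()
    i = 0
    while i < len(lines):
        key = lines[i]
        if key == "Target" and not rep.target and i + 1 < len(lines):
            rep.target = lines[i + 1]
            i += 2
            continue
        if key in HASH_LENGTHS and i + 1 < len(lines):
            digest = lines[i + 1].lower()
            if re.fullmatch(r"[0-9a-f]{%d}" % HASH_LENGTHS[key], digest) is None:
                raise ValueError(f"{key} is not a {HASH_LENGTHS[key]}-character hex digest")
            rep.hashes.setdefault(key, digest)   # the page repeats hashes; keep the first
            i += 2
            continue
        if key == "Extracted":
            # The extracted config is printed as: family, botnet id, then one C2 per line.
            rep.family = lines[i + 1]
            rep.botnet = lines[i + 2]
            j = i + 3
            while j < len(lines) and ":" in lines[j]:
                host, port = lines[j].rsplit(":", 1)
                rep.c2.append((str(ipaddress.ip_address(host)), int(port)))
                j += 1
            i = j
            continue
        i += 1
    return rep


def consistency_checks(rep: Report) -> list:
    """Sanity checks to run before pushing the IOCs anywhere."""
    problems = []
    if rep.target != rep.hashes.get("MD5"):
        problems.append("target name does not match the MD5 digest")
    for ip, port in rep.c2:
        if ipaddress.ip_address(ip).is_private:
            problems.append(f"C2 {ip} is a private address; likely a sandbox artefact")
        if not 1 <= port <= 65535:
            problems.append(f"C2 port {port} is out of range")
    return problems


def suricata_rules(rep: Report, sid_base: int) -> list:
    """One alert per C2 endpoint. sid_base is a hypothetical local-rules number."""
    rules = []
    for n, (ip, port) in enumerate(rep.c2):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{rep.family} C2 connection (botnet {rep.botnet})"; '
            f'flow:to_server,established; reference:md5,{rep.hashes["MD5"]}; '
            f'classtype:trojan-activity; sid:{sid_base + n}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    report = parse_report(REPORT)
    for problem in consistency_checks(report):
        print("WARNING:", problem)
    for rule in suricata_rules(report, 1000001):
        print(rule)
```

The IP-and-port rule is deliberately narrow: RedLine operators rotate C2 hosts, so treat it as a sample-specific indicator and pair it with the hash list rather than relying on it alone.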
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate the software installed on the system.