General

Target: 6aef13c22a36c800d858bf4f9e65a2c7.exe
Size: 250KB
Sample: 210926-r757naehdp
MD5: 6aef13c22a36c800d858bf4f9e65a2c7
SHA1: ec3261ea610b94a4fc89e33bcacc3bbcec7bcdd1
SHA256: e93fdd6c2e680bda32c4675d43c83137de8459621d2118ce5a85b1f8efcb18e6
SHA512: 747e940a75fec13431814693f34f54ffe80c2f39bdf82a1e8290018b8d17df6bf0283dbbee4e4dd66e07f45ffca6dc82e90c6fdb07a38412ec3e8d0504b7e8c9
Static task: static1
Behavioral task: behavioral1
  Sample: 6aef13c22a36c800d858bf4f9e65a2c7.exe
  Resource: win7v20210408
Malware Config

Extracted family: redline
Botnet: UTS
C2 (host:port): 45.9.20.20:13441
Targets

Target: 6aef13c22a36c800d858bf4f9e65a2c7.exe (250KB; same MD5/SHA1/SHA256/SHA512 as listed under General)
Signatures

RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
  The RedLine payload was identified in this sample.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
  Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate installed software. On its own this is low-signal behaviour shared with installers and inventory tools; it matters here in combination with the RedLine payload and the extracted C2 configuration above.
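To make concrete what the two behavioural signatures above amount to, here is an added example (not part of the sandbox report or its signature engine) that runs hypothetical signature logic over a constructed API-call trace. The trace lines, process IDs, wallet directory list and the two-entry threshold are all assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Constructed sandbox API trace as (pid, api, target). Invented for this
# example; it is not the report's own behaviour log. pid 1234 plays the
# stealer, pid 4321 a benign process.
TRACE = [
    (1234, "RegOpenKeyExW", r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    (1234, "RegEnumKeyExW", r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"),
    (1234, "RegEnumKeyExW", r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome"),
    (1234, "RegOpenKeyExW", r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"),
    (1234, "RegQueryValueExW", r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\DisplayName"),
    (1234, "NtCreateFile", r"C:\Users\admin\AppData\Roaming\Exodus\exodus.wallet\seed.seco"),
    (1234, "NtCreateFile", r"C:\Users\admin\AppData\Roaming\Electrum\wallets\default_wallet"),
    (1234, "NtCreateFile", r"C:\Users\admin\AppData\Roaming\Ethereum\keystore\UTC--2021-09-26T00-00-00Z--key"),
    (4321, "RegOpenKeyExW", r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"),
    (4321, "NtCreateFile", r"C:\Users\admin\Documents\notes.txt"),
]

# Uninstall key under HKLM or HKCU, with or without the WOW6432Node redirect.
UNINSTALL_KEY = re.compile(
    r"^HKEY_(?:LOCAL_MACHINE|CURRENT_USER)\\SOFTWARE\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)
# Illustrative, non-exhaustive list of wallet locations under %APPDATA%.
WALLET_PATH = re.compile(
    r"\\AppData\\Roaming\\(?:Exodus\\exodus\.wallet|Electrum\\wallets|"
    r"Ethereum\\keystore|Bitcoin\\wallet\.dat)(?:\\|$)",
    re.IGNORECASE,
)
REGISTRY_READ_APIS = {"RegOpenKeyExW", "RegEnumKeyExW", "RegQueryValueExW",
                      "NtOpenKey", "NtEnumerateKey", "NtQueryValueKey"}
FILE_OPEN_APIS = {"NtCreateFile", "NtOpenFile", "CreateFileW"}


def match_signatures(trace, min_uninstall_entries=2):
    """Return {pid: sorted signature names} for each process that trips a signature."""
    uninstall_entries = defaultdict(set)  # pid -> product subkeys touched under Uninstall
    wallet_hits = defaultdict(set)        # pid -> wallet paths opened
    for pid, api, target in trace:
        if api in REGISTRY_READ_APIS:
            m = UNINSTALL_KEY.match(target)
            if m:
                # Remainder after "...\Uninstall\" starts with the product subkey,
                # e.g. "Notepad++\DisplayName" -> "Notepad++". Opening only the
                # parent key (empty remainder) is common and is not counted.
                product = target[m.end():].split("\\", 1)[0]
                if product:
                    uninstall_entries[pid].add(product)
        elif api in FILE_OPEN_APIS and WALLET_PATH.search(target):
            wallet_hits[pid].add(target)

    hits = defaultdict(set)
    for pid, products in uninstall_entries.items():
        # Require several distinct product entries so a single lookup of one
        # product (as an updater might do) does not trip the signature.
        if len(products) >= min_uninstall_entries:
            hits[pid].add("checks_installed_software")
    for pid in wallet_hits:
        hits[pid].add("accesses_cryptocurrency_wallets")
    return {pid: sorted(names) for pid, names in hits.items()}


if __name__ == "__main__":
    for pid, names in match_signatures(TRACE).items():
        print(pid, ", ".join(names))
```

The enumeration signature counts distinct product subkeys rather than raw API calls, because an installer or updater that opens the Uninstall key once looks identical at the single-call level; the wallet signature fires on a single file open, since there is no benign reason for an unrelated executable to touch those paths.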