General
Target: SindonsWelfare_2021-09-26_15-02.exe
Size: 250KB
Sample: 210926-sdzcpaehfj
MD5: 85ea0a07196273bbe4f6c62a03a2f203
SHA1: cdd0dffd5d27e3ad577ae8b9d2bb96f6f5dfe04e
SHA256: 6cb9da1cb79c8725942119d20eceb769f64513380285b8729310ba025f0c4843
SHA512: a5f0ce32164d00b13c6d9a88686c4db835366b68260b6e2ce16ad00b44f7c435c4e034d753c9774a7e237f3b02cf16d2983c56b1bc6925baa6d1902b67a2fe80
Static task: static1
Behavioral task: behavioral1
Sample: SindonsWelfare_2021-09-26_15-02.exe
Resource: win7v20210408

Malware Config
Extracted
Family: redline
Botnet: karma
C2: 94.103.9.133:39323
Targets
Target: SindonsWelfare_2021-09-26_15-02.exe
Size: 250KB
MD5: 85ea0a07196273bbe4f6c62a03a2f203
SHA1: cdd0dffd5d27e3ad577ae8b9d2bb96f6f5dfe04e
SHA256: 6cb9da1cb79c8725942119d20eceb769f64513380285b8729310ba025f0c4843
SHA512: a5f0ce32164d00b13c6d9a88686c4db835366b68260b6e2ce16ad00b44f7c435c4e034d753c9774a7e237f3b02cf16d2983c56b1bc6925baa6d1902b67a2fe80

Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.