General
Target: 40441144fe5d0b152a6817ab9e18852871acbffae36d8a3d7833a9eddee18e70
Size: 113KB
Sample: 211014-hfnnvsgcal
MD5: 2ecd8ebf431a9f066a58ec9617359448
SHA1: 48b2430f05301b1438d9d98c422b4a580027f95c
SHA256: 40441144fe5d0b152a6817ab9e18852871acbffae36d8a3d7833a9eddee18e70
SHA512: ec356b85095e5916a70d65c88533f41b8e12e57b3798a22f46ac8dc2b99267d264eaf946126be3cde46cbcfbcf5f4358c9d54738dcbd94d829dafe9c44f8f123
Malware Config
Extracted
redline
12102021
185.191.32.196:46757
Targets
Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.