General
-
Target
a4783e75fb1f0f168eb935b34957876a.exe
-
Size
822KB
-
Sample
211023-ntz7psccg4
-
MD5
a4783e75fb1f0f168eb935b34957876a
-
SHA1
98c127b90ec70fbd2467726cb6e6a406c5df92bd
-
SHA256
4a0f52dab31cc96ebe813dfce03401b5813d10153ffd805ba61b06cb169eee6a
-
SHA512
82c03dd2568484adc52d8cdbfc27f8329c925a2a5882eb64c19ee36ecd75d8c62f2e0d4ba1d3168b9e0856862e5d7df09c816083af011fecd1de1e690591220e
Static task
static1
Behavioral task
behavioral1
Sample
a4783e75fb1f0f168eb935b34957876a.exe
Resource
win7-en-20210920
Malware Config
Extracted
redline
@noilase
92.119.113.189:21746
Targets
-
-
Target
a4783e75fb1f0f168eb935b34957876a.exe
-
Size
822KB
-
MD5
a4783e75fb1f0f168eb935b34957876a
-
SHA1
98c127b90ec70fbd2467726cb6e6a406c5df92bd
-
SHA256
4a0f52dab31cc96ebe813dfce03401b5813d10153ffd805ba61b06cb169eee6a
-
SHA512
82c03dd2568484adc52d8cdbfc27f8329c925a2a5882eb64c19ee36ecd75d8c62f2e0d4ba1d3168b9e0856862e5d7df09c816083af011fecd1de1e690591220e
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-