General
Target: cheatMINE.exe
Size: 907KB
Sample: 211028-tp8aeagfem
MD5: 2133a0f1fc59fcaf01aeafbeb99a0dce
SHA1: 356314122398c64d96915c40e6ca357538d8f4a2
SHA256: e273b33d875d2227fd607c82cc4313509eebf56e8d9101d3a3e64ca6ddd3028c
SHA512: baefab75ebc9650ca8b441ba1e0cf136f34242f6acf2e97924b2f42cc9daea83b8d54c7dc32c8bdbc21ea65ce9d17100bd77421fb41846f816155b3b700fd956
Static task: static1
Behavioral task: behavioral1
Sample: cheatMINE.exe
Resource: win7-en-20210920
Malware Config
Extracted
Family: redline
Botnet: 5IRJ6JMY
C2: 188.34.176.164:80
Targets
Target: cheatMINE.exe
Size: 907KB
MD5: 2133a0f1fc59fcaf01aeafbeb99a0dce
SHA1: 356314122398c64d96915c40e6ca357538d8f4a2
SHA256: e273b33d875d2227fd607c82cc4313509eebf56e8d9101d3a3e64ca6ddd3028c
SHA512: baefab75ebc9650ca8b441ba1e0cf136f34242f6acf2e97924b2f42cc9daea83b8d54c7dc32c8bdbc21ea65ce9d17100bd77421fb41846f816155b3b700fd956
RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.