General
Target: 738f696f228f13c18454c013926b38b2
Size: 444KB
Sample: 211104-ps8m5adgcn
MD5: 738f696f228f13c18454c013926b38b2
SHA1: 04c1ea711ed7077cee2b67c33577caadc24b97e8
SHA256: 0fc853cdddb7195dbf6052a7970add6d5cb57f6b7f2478f6e3de20ff87fc890f
SHA512: dc4f05debf4e41b52412b6681efd3ad2622cd9d2f401df317bfbb525797e3fb6000536e78d9dbff67f7149ee5b2db94ba723cff7315816c92095e551974a0038
Static task: static1
Behavioral task: behavioral1
Sample: 738f696f228f13c18454c013926b38b2.exe
Resource: win7-en-20210920

Malware Config
Extracted
Family: redline
Botnet: LOVE
C2: 91.242.229.222:21475
Targets
- 738f696f228f13c18454c013926b38b2 (444KB; same file as listed under General, hashes as above)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.