General
- Target: d62977ecf32ffc5e2876ffb87943022e3cb28172154a580ea3bc3f1ae26f91a4
- Size: 365KB
- Sample: 211110-cyvx1adccp
- MD5: 667df7fcbe531eb97d1519444b96dae6
- SHA1: 405dcd089ac54417b9ba61900d6da288b72aa325
- SHA256: d62977ecf32ffc5e2876ffb87943022e3cb28172154a580ea3bc3f1ae26f91a4
- SHA512: 7b546655bec035e489d22b56bb9598f3f42eb65d4d229acb0dbbe7594486f68861e262f8bff2dd17d8b61a3e1ac3bc35281815688d29a1c23ae6f9e0f1b8a918
Static task: static1
Behavioral task: behavioral1
- Sample: d62977ecf32ffc5e2876ffb87943022e3cb28172154a580ea3bc3f1ae26f91a4.exe
- Resource: win10-en-20211014
Malware Config
Extracted
- Family: redline
- Botnet: 1132044836
- C2: 185.183.32.184:80
Targets
- Target: d62977ecf32ffc5e2876ffb87943022e3cb28172154a580ea3bc3f1ae26f91a4 (365KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
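The extracted C2 (185.183.32.184:80) and the Uninstall-key enumeration signature are the two items in this report a defender would most likely turn into detection logic. The Python below is an added example written for this page, not code from the sandbox or from the report. It matches those indicators against constructed, Sysmon-style event lines (EventID 3 for network connections, 12 and 13 for registry access) in a pipe-delimited key=value layout that is an assumption of this example, and correlates the two per process, because Uninstall-key reads on their own are routine for installers and inventory agents. The file-hash check reuses the MD5, SHA1 and SHA256 from the report; the function names and the sample event lines are this example's own.

```python
"""Turn the report's indicators into checks over host telemetry.

Added example for this page; not code from the sandbox or the report.
The event lines below are constructed for illustration (field names follow
Sysmon events 3, 12 and 13; the pipe-delimited layout is an assumption).
"""
from __future__ import annotations

import hashlib
import re

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "667df7fcbe531eb97d1519444b96dae6",
    "sha1": "405dcd089ac54417b9ba61900d6da288b72aa325",
    "sha256": "d62977ecf32ffc5e2876ffb87943022e3cb28172154a580ea3bc3f1ae26f91a4",
}
C2_HOST, C2_PORT = "185.183.32.184", "80"

# Path fragment behind the "Checks installed software" signature. Left
# unanchored so the WOW6432Node (32-bit view) variant also matches.
UNINSTALL_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.IGNORECASE
)

# Constructed telemetry: the sample contacting the C2 and reading Uninstall
# keys, plus benign noise (msiexec reading Uninstall keys, a browser on 443).
SAMPLE_EVENTS = r"""
EventID=3|UtcTime=2021-11-10 12:00:01|Image=C:\Users\lab\Desktop\d62977ecf32ffc5e2876ffb87943022e3cb28172154a580ea3bc3f1ae26f91a4.exe|DestinationIp=185.183.32.184|DestinationPort=80
EventID=12|UtcTime=2021-11-10 12:00:02|Image=C:\Users\lab\Desktop\d62977ecf32ffc5e2876ffb87943022e3cb28172154a580ea3bc3f1ae26f91a4.exe|TargetObject=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
EventID=13|UtcTime=2021-11-10 12:00:02|Image=C:\Users\lab\Desktop\d62977ecf32ffc5e2876ffb87943022e3cb28172154a580ea3bc3f1ae26f91a4.exe|TargetObject=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\DisplayName
EventID=12|UtcTime=2021-11-10 12:00:03|Image=C:\Windows\System32\msiexec.exe|TargetObject=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EXAMPLE-PRODUCT-CODE}
EventID=3|UtcTime=2021-11-10 12:00:04|Image=C:\Program Files\Mozilla Firefox\firefox.exe|DestinationIp=93.184.216.34|DestinationPort=443
"""


def parse_events(text: str) -> list[dict[str, str]]:
    """Parse pipe-delimited key=value lines into dicts, skipping blank lines."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = (f.split("=", 1) for f in line.strip().split("|") if "=" in f)
        events.append({k: v for k, v in fields})
    return events


def c2_contacts(events: list[dict[str, str]]) -> list[dict[str, str]]:
    """Network events (Sysmon 3) to the extracted C2 host:port."""
    return [e for e in events
            if e.get("EventID") == "3"
            and e.get("DestinationIp") == C2_HOST
            and e.get("DestinationPort") == C2_PORT]


def uninstall_key_access(events: list[dict[str, str]]) -> list[dict[str, str]]:
    """Registry events (Sysmon 12/13) touching Uninstall keys."""
    return [e for e in events
            if e.get("EventID") in ("12", "13")
            and UNINSTALL_KEY_RE.search(e.get("TargetObject", ""))]


def correlate(events: list[dict[str, str]]) -> list[str]:
    """Images that both contacted the C2 and enumerated Uninstall keys.

    Uninstall-key reads alone are routine (installers, inventory agents),
    so the behavioural signature is only used to confirm the C2 hit.
    """
    net = {e["Image"].lower() for e in c2_contacts(events)}
    reg = {e["Image"].lower() for e in uninstall_key_access(events)}
    return sorted(net & reg)


def hash_matches(data: bytes) -> list[str]:
    """Names of the report's digests that `data` reproduces (empty if none)."""
    digests = {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }
    return [name for name, h in SAMPLE_HASHES.items() if digests[name] == h]


if __name__ == "__main__":
    evts = parse_events(SAMPLE_EVENTS)
    print("C2 contacts:", len(c2_contacts(evts)))
    print("Uninstall key access events:", len(uninstall_key_access(evts)))
    print("Processes doing both:", correlate(evts))
    print("Report hashes matched by an empty file:", hash_matches(b""))
```

On the constructed events, msiexec.exe trips the Uninstall-key check but never reaches the C2, so only the sample's own process survives the correlation; that is the intended reading of the signature, which on its own would page an analyst every time an installer runs.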