General
- Target: 8a8d26421b895d3ca64cf7b2555fd00d4f43723a218210e18b3c047478665c63
- Size: 356KB
- Sample: 211110-lzcmgsgfh6
- MD5: 94ca7dbe0e44b81f651942c0e5374ab4
- SHA1: 541d51c251339d3f72235fcfd8317f28fb30977f
- SHA256: 8a8d26421b895d3ca64cf7b2555fd00d4f43723a218210e18b3c047478665c63
- SHA512: 70924bcf984ce88731ac7ae00df02ffbf9a3c2af24a9954a004e69b5140044308fe714dcdcc0a6187a94142cb2d6e86c712b59ba533ecc1335a26603545b1e61

Static task: static1

Behavioral task: behavioral1
- Sample: 8a8d26421b895d3ca64cf7b2555fd00d4f43723a218210e18b3c047478665c63.exe
- Resource: win10-en-20211014

Malware Config
Extracted:
- redline
- 1132044836
- 185.183.32.184:80
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.