General
Target: a372c5db31e75dd1c4e8115f34f76ecca92ef1609aff39438ef713b6f80d2682
Size: 286KB
Sample: 211126-ty7egaddhm
MD5: 197b74338ca30afac3ec7ba13f598e7e
SHA1: 12e017922682922ba96fedab9e79761edb62886c
SHA256: a372c5db31e75dd1c4e8115f34f76ecca92ef1609aff39438ef713b6f80d2682
SHA512: db018f0692d1ef03aca4a5c36d73c9eb6e06594004a9bcbee30d8e678a5d915205fa4134758eb15b131c5fd4834403890b9927aee355e83d887feee77a79eafb
Static task: static1
Behavioral task: behavioral1
Sample: a372c5db31e75dd1c4e8115f34f76ecca92ef1609aff39438ef713b6f80d2682.exe
Resource: win10-en-20211104
Malware Config
Extracted
redline
BADMAN2020
147.124.208.247:34932
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.