General
Target: fe1300d54cfbf95baf658c0a0463ebd3
Size: 307KB
Sample: 211128-24jvcsagel
MD5: fe1300d54cfbf95baf658c0a0463ebd3
SHA1: 88914030aba7f39b9a844df0f341bbd634067696
SHA256: 8c29ea9da60f50c3412b4e7c239402830b087e2dfdfb1226574881bf3ed18e5d
SHA512: 55294738fd57e8070673bfa7c8de1e482c69b5bdb2ef08ce2949096b02e8b9503dc6e24e96fd3e44ae0e55dfab7d8489f9b954ef8412cb78e74a1c4356b89478
Static task: static1
Behavioral task: behavioral1
Sample: fe1300d54cfbf95baf658c0a0463ebd3.exe
Resource: win7-en-20211104
Malware Config (extracted)
redline
Sleeze
194.127.179.0:42417
Targets
Target: fe1300d54cfbf95baf658c0a0463ebd3
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.