General

Target: ee6418963a8f1806f668cb2f60bcfa46.exe
Size: 401KB
Sample: 211219-e234wsggcr
MD5: ee6418963a8f1806f668cb2f60bcfa46
SHA1: b8f86099a8130ea0cb80d0ab8106ec2899da42b1
SHA256: 2dfa1030005e1b7041ce7644e4a639b7c8291e45572b9b0cc17803f8c8b4fc30
SHA512: 4b25dbca92684fffd9f2bbc18a4adaf0e8bf7ca2dcdb6a4ec94102d538568d75da7c836afc78430036bb8f16b8ff0ce356e2b7ca63c93dddcdded39c57304ee5

Static task: static1
Behavioral task: behavioral1
Sample: ee6418963a8f1806f668cb2f60bcfa46.exe
Resource: win7-en-20211208

Malware Config (extracted)

Family: redline
Botnet: 170
C2: 45.9.20.240:46257
Targets

Target: ee6418963a8f1806f668cb2f60bcfa46.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.