General
-
Target
e7f29b6efc24a3bddfe9028cf7e5d858.exe
-
Size
664KB
-
Sample
220129-t4tessdfhl
-
MD5
e7f29b6efc24a3bddfe9028cf7e5d858
-
SHA1
330a2d2531311ab08a5f3d0add4c18af979f4f33
-
SHA256
ba3b4d7d9ddc010dd62bcaa07bee707732458e57fca9e6b39ac4e2069833a3d3
-
SHA512
26aa2a62d738f471f2f8cd01f549f68769f013df019a032e47e132aa9b484f2cf13529939d0ee434e7944d58f2f402a370b20532782def4b8ffb78a19f334ea3
Static task
static1
Behavioral task
behavioral1
Sample
e7f29b6efc24a3bddfe9028cf7e5d858.exe
Resource
win7-en-20211208
Malware Config
Extracted
redline
test22
192.3.249.96:7094
Targets
-
-
Target
e7f29b6efc24a3bddfe9028cf7e5d858.exe
-
Size
664KB
-
MD5
e7f29b6efc24a3bddfe9028cf7e5d858
-
SHA1
330a2d2531311ab08a5f3d0add4c18af979f4f33
-
SHA256
ba3b4d7d9ddc010dd62bcaa07bee707732458e57fca9e6b39ac4e2069833a3d3
-
SHA512
26aa2a62d738f471f2f8cd01f549f68769f013df019a032e47e132aa9b484f2cf13529939d0ee434e7944d58f2f402a370b20532782def4b8ffb78a19f334ea3
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-