General
Target: 0x0006000000023215-178.dat
Size: 88KB
Sample: 220418-nszvjshbd3
MD5: 996fdc6ba853d25224d6f608ea28cc15
SHA1: 0a6cdd4c1450ceafd82644b7fbb9aafb845033e4
SHA256: cddb3040a3feb3dd11945f4bb2e5ec21754d0f1ac8eb47644f5aaada8136a7d2
SHA512: 0c720655d076f193d927c54467ce3b4c4942ef705a09fe97055cbc20cf11464437b6a51427ec4872c458096bdb84a82f7e67c8338953a5b27ce7bc779a50b0a2
Behavioral task: behavioral1
Sample: 0x0006000000023215-178.exe
Resource: win7-20220414-en
Malware Config
Extracted: redline
install: 193.150.103.38:40169
auth_value: 7b121606198c8456e17d49ab8c2d0e42
Targets
Target: 0x0006000000023215-178.dat
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.