General
-
Target
2bcc9ed563669f8007cec75c3fe6cd79fa0425cd781da80e0241557c2806de22
-
Size
399KB
-
Sample
220511-19vndabad8
-
MD5
b39816bc106dc09aba8a1341d83bfe29
-
SHA1
8ec230bf2515b9a79c0e8c06053cdb75d40e09ee
-
SHA256
2bcc9ed563669f8007cec75c3fe6cd79fa0425cd781da80e0241557c2806de22
-
SHA512
8d540901ff1fb7db8cb9a2b6eb172df7a4e24270b508bd53e83c7d17c67458142848f98c555288d2203fd84b1ce30324bde1bb06bf3cfdce1c4c5b660b594eba
Static task
static1
Behavioral task
behavioral1
Sample
2bcc9ed563669f8007cec75c3fe6cd79fa0425cd781da80e0241557c2806de22.exe
Resource
win7-20220414-en
Malware Config
Extracted
redline
2
51.89.204.186:36124
-
auth_value
aa046d0ca32fcb8538726e938e3bd00c
Targets
-
-
Target
2bcc9ed563669f8007cec75c3fe6cd79fa0425cd781da80e0241557c2806de22
-
Size
399KB
-
MD5
b39816bc106dc09aba8a1341d83bfe29
-
SHA1
8ec230bf2515b9a79c0e8c06053cdb75d40e09ee
-
SHA256
2bcc9ed563669f8007cec75c3fe6cd79fa0425cd781da80e0241557c2806de22
-
SHA512
8d540901ff1fb7db8cb9a2b6eb172df7a4e24270b508bd53e83c7d17c67458142848f98c555288d2203fd84b1ce30324bde1bb06bf3cfdce1c4c5b660b594eba
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-