General
Target: d96de05321c98e5e49c84afe0b5aae46.exe
Size: 370KB
Sample: 220514-jqdgbagce8
MD5: d96de05321c98e5e49c84afe0b5aae46
SHA1: 0469b105dffd0d51c1b6667c3e69515a805a0aa8
SHA256: 967e98b250c72d4222068a1dcef714211a3c3bf5562c5befd98b43e443f107eb
SHA512: b80cc2d77a5e0062c83e5aa5d1e1ce46e4262b1f89791e2bde02bfe822521d56bdc6526e0dfb202c1602a10d2484d6428f317dcb38407f7e58dc42237b0f8d6e
Static task: static1
Behavioral task: behavioral1
Sample: d96de05321c98e5e49c84afe0b5aae46.exe
Resource: win7-20220414-en
Malware Config
Extracted: redline
- 51
- 193.106.191.182:23196
- auth_value: 21351f5b8358ade7446b0c10ec81735e
Targets
Target: d96de05321c98e5e49c84afe0b5aae46.exe
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.