General
Target: ba9632d91e98c69694665f3b2d548727.exe
Size: 367KB
Sample: 220515-ak16racbh3
MD5: ba9632d91e98c69694665f3b2d548727
SHA1: 7760b4f9655372cd51e0fe7dcd446ddf6ccd5a89
SHA256: b994b13578ace741660c1ce99115ec903da01af6ff4b5873fc5a39fa05348508
SHA512: df805726b0d1b86545438b01bc6550d0fb95c008e682a2b35c4491c29156c3c4396d1be28082193536b64dc9558145d5a9647146aa127caa5ddd5e2ba08566cc
Static task: static1
Behavioral task: behavioral1
Sample: ba9632d91e98c69694665f3b2d548727.exe
Resource: win7-20220414-en
Malware Config
Extracted family: redline
Botnet: 51
C2: 193.106.191.182:23196
auth_value: 21351f5b8358ade7446b0c10ec81735e
Targets
Target: ba9632d91e98c69694665f3b2d548727.exe (367KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up entries under the registry Uninstall key to enumerate the software installed on the system. On Windows that key lives at HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall; 32-bit software on 64-bit Windows is listed under the WOW6432Node counterpart and per-user installs under the same path in HKCU.
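The Uninstall-key enumeration behind the "Checks installed software on the system" signature, as an added detection example; this is not Triage's signature code and not taken from this report. It assumes a simplified API trace in a "pid|api|registry path" line format (real sandbox traces use their own layout, so adapt parse_trace), normalizes hive abbreviations and native \REGISTRY\... paths from Nt* calls, and flags a process that either walks the Uninstall parent key or reads several distinct product subkeys, so a single lookup of one product (what an installer or updater does when checking its own entry) stays below the threshold. The trace lines, process IDs and product names are constructed for the example.

```python
"""Detection logic for the "Checks installed software on the system" signature:
flag a process that walks the registry Uninstall keys.

Added example, not Triage's signature implementation.  Assumes a simplified
API trace of "pid|api|registry path" lines (real traces differ; adapt parse_trace).
"""
import re
from collections import defaultdict

# Installed-software entries: 64-bit view, 32-bit (WOW64) view, per-user installs.
UNINSTALL_KEYS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall",
)
HIVE_ALIASES = {"HKLM": "HKEY_LOCAL_MACHINE", "HKCU": "HKEY_CURRENT_USER",
                "HKCR": "HKEY_CLASSES_ROOT", "HKU": "HKEY_USERS"}
# Win32 and native APIs through which a key or value under Uninstall gets read.
REGISTRY_APIS = {"RegOpenKeyExA", "RegOpenKeyExW", "RegEnumKeyExA", "RegEnumKeyExW",
                 "RegQueryValueExA", "RegQueryValueExW", "RegGetValueA", "RegGetValueW",
                 "NtOpenKey", "NtOpenKeyEx", "NtEnumerateKey", "NtQueryValueKey"}


def _nt_to_hive(path):
    """Map native \\REGISTRY\\MACHINE and \\REGISTRY\\USER\\<SID> paths onto hive
    names.  Every user SID is folded into HKEY_CURRENT_USER (a simplification)."""
    machine = r"\REGISTRY\MACHINE"
    if path.upper().startswith(machine) and (len(path) == len(machine) or path[len(machine)] == "\\"):
        return "HKEY_LOCAL_MACHINE" + path[len(machine):]
    m = re.match(r"\\REGISTRY\\USER\\S-[0-9-]+(?=\\|$)", path, re.IGNORECASE)
    return "HKEY_CURRENT_USER" + path[m.end():] if m else path


def normalize_key(path):
    """Collapse separators, translate native paths, expand hive abbreviations.
    Case is preserved so subkey names stay readable; compare case-insensitively."""
    path = _nt_to_hive(re.sub(r"[\\/]+", r"\\", path.strip()))
    hive, sep, rest = path.partition("\\")
    return HIVE_ALIASES.get(hive.upper(), hive) + sep + rest


def uninstall_subkey(path):
    """Product subkey name when `path` lies under an Uninstall key, '' when it is
    the Uninstall key itself, None otherwise."""
    norm = normalize_key(path)
    upper = norm.upper()
    for key in UNINSTALL_KEYS:
        k = key.upper()
        if upper == k:
            return ""
        if upper.startswith(k + "\\"):
            return norm[len(k) + 1:].split("\\")[0]
    return None


def parse_trace(lines):
    """Yield (pid, api, path) from 'pid|api|path' lines; skip blanks and comments."""
    for line in lines:
        line = line.strip()
        if line and not line.startswith("#"):
            pid, api, path = line.split("|", 2)
            yield int(pid), api, path


def check_installed_software_enumeration(lines, min_products=2):
    """Return {pid: [product subkeys]} for processes that walk the Uninstall
    parent key or touch at least `min_products` distinct product subkeys."""
    products, walked_parent = defaultdict(set), set()
    for pid, api, path in parse_trace(lines):
        if api not in REGISTRY_APIS:
            continue
        sub = uninstall_subkey(path)
        if sub is None:
            continue
        if sub == "":
            walked_parent.add(pid)      # opened/enumerated the Uninstall key itself
        else:
            products[pid].add(sub)
    flagged = {}
    for pid in set(products) | walked_parent:
        subs = products.get(pid, set())
        if pid in walked_parent or len(subs) >= min_products:
            flagged[pid] = sorted(subs, key=str.lower)
    return flagged


# Constructed trace (not from the sandbox run): pid 1337 walks the Uninstall
# keys the way a stealer does; pid 4242 only reads its own product entry.
CONSTRUCTED_TRACE = r"""
# pid|api|registry path
1337|RegOpenKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
1337|RegEnumKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
1337|RegOpenKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
1337|RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName
1337|RegOpenKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
1337|RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName
1337|RegOpenKeyExW|HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12345678-ABCD-4EF0-9876-ABCDEF012345}
1337|NtOpenKey|\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
1337|RegOpenKeyExW|HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord
1337|RegOpenKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
4242|RegOpenKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyApp
4242|RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyApp\DisplayVersion
"""

if __name__ == "__main__":
    for pid, subs in check_installed_software_enumeration(CONSTRUCTED_TRACE.splitlines()).items():
        print(f"pid {pid}: enumerates installed software, {len(subs)} products: {subs}")
```

Only pid 1337 is reported: it opens the Uninstall parent key and reads five distinct product entries across the HKLM, WOW6432Node and HKCU locations, while pid 4242 touches a single entry and stays under the threshold. Raising min_products or requiring the parent-key walk trades recall for fewer false positives from legitimate installers.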