General

Target: 86fc141655ef3842be861de3ad4f566d.exe
Size: 330KB
Sample: 220515-nnt4haghep
MD5: 86fc141655ef3842be861de3ad4f566d
SHA1: 626fe12a4a925355053d1a0cd70e9eedaea6fc0e
SHA256: b86b2701c8e065a75b55d8a8fcf6cc980e21d5587e7f2a9def7bfdbdcc386651
SHA512: a5453ae840855523e728c33df3abe9e7230aa6d9a63305fea3de6433dbba188e98de4dc978948023b890009c0b1c515496bfd8818d27827bfdfad09bf494edf0
Static task: static1
Behavioral task: behavioral1
Sample: 86fc141655ef3842be861de3ad4f566d.exe
Resource (analysis VM image): win7-20220414-en
Malware Config

Extracted
Family: redline
Botnet: top
C2: iclarinyerac.xyz:80, manellylarii.xyz:80
Attributes
auth_value: b66a08c69f913be894bbfce00805fab1
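The extracted config gives two C2 hosts as host:port pairs and a per-build auth_value. The example below is added here and is not part of the sandbox report: it turns the config into hunting logic that matches the C2 domains (and their subdomains) against DNS and egress logs. The report gives only host:port, so the code matches on hostname rather than assuming a protocol, and it matches on a label boundary so that look-alike names such as notmanellylarii.xyz or manellylarii.xyz.example.org are not false positives. All log lines are constructed for the demo; the C2 hosts and auth_value are copied from the config above.

```python
"""IOC hunting for the RedLine C2 indicators extracted from this sample.

Added example, not part of the sandbox report. The config values come from the
"Malware Config" block of the report; every log line below is constructed.
"""
import re

# Extracted config as reported (family, botnet id, C2 host:port list, auth_value).
EXTRACTED_CONFIG = {
    "family": "redline",
    "botnet": "top",
    "c2": ["iclarinyerac.xyz:80", "manellylarii.xyz:80"],
    "auth_value": "b66a08c69f913be894bbfce00805fab1",
}

# Constructed DNS resolver log (not from the report).
SAMPLE_DNS_LOG = """\
2022-05-15T10:01:12Z client=10.0.0.23 query=www.example.com type=A
2022-05-15T10:01:15Z client=10.0.0.23 query=iclarinyerac.xyz type=A
2022-05-15T10:01:15Z client=10.0.0.23 query=IClarinyerac.XYZ. type=AAAA
2022-05-15T10:02:40Z client=10.0.0.41 query=notmanellylarii.xyz type=A
"""

# Constructed egress connection log that records the destination hostname (not from the report).
SAMPLE_CONN_LOG = """\
2022-05-15T10:01:16Z src=10.0.0.23 dst_host=manellylarii.xyz dst_port=80 proto=tcp
2022-05-15T10:01:17Z src=10.0.0.23 dst_host=www.manellylarii.xyz dst_port=80 proto=tcp
2022-05-15T10:03:00Z src=10.0.0.41 dst_host=manellylarii.xyz.example.org dst_port=443 proto=tcp
"""

# Field names are an assumption about the log format, not a real product's schema.
HOST_FIELD_RE = re.compile(r"\b(?:query|dst_host)=([A-Za-z0-9.-]+)")


def c2_hosts(config):
    """Split the reported 'host:port' strings into {domain: port}."""
    hosts = {}
    for entry in config["c2"]:
        host, sep, port = entry.rpartition(":")
        if not sep:  # bare hostname without a port
            host, port = entry, None
        hosts[host.lower()] = int(port) if port else None
    return hosts


def host_matches(host, indicator):
    """True for the indicator domain itself or any subdomain of it.

    Plain substring matching would also flag 'notmanellylarii.xyz' and
    'manellylarii.xyz.example.org'; a suffix match on a label boundary does not.
    """
    host = host.lower().rstrip(".")
    return host == indicator or host.endswith("." + indicator)


def hunt(log_text, config):
    """Return (line_no, indicator, observed_host) for each line touching a C2 domain."""
    indicators = c2_hosts(config)
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        m = HOST_FIELD_RE.search(line)
        if not m:
            continue
        observed = m.group(1).lower().rstrip(".")  # normalise case and trailing dot
        for indicator in indicators:
            if host_matches(observed, indicator):
                hits.append((line_no, indicator, observed))
                break
    return hits


if __name__ == "__main__":
    for name, log in (("dns", SAMPLE_DNS_LOG), ("conn", SAMPLE_CONN_LOG)):
        for line_no, indicator, observed in hunt(log, EXTRACTED_CONFIG):
            print(f"{name} line {line_no}: {observed} -> C2 {indicator}")
```

Against the constructed logs this flags the two DNS lookups of iclarinyerac.xyz (one in mixed case with a trailing dot) and the two connections to manellylarii.xyz and its www subdomain, and ignores notmanellylarii.xyz and manellylarii.xyz.example.org. The auth_value is carried in the config record for completeness; it identifies the build in C2 traffic rather than in DNS or connection logs.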
Targets

Target: 86fc141655ef3842be861de3ad4f566d.exe
Size: 330KB
MD5, SHA1, SHA256, SHA512: as listed under General
Signatures:
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting.
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
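The installed-software check reads the Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its Wow6432Node twin and the per-user copy under HKCU). Reads are the catch for detection: Sysmon's RegistryEvent (IDs 12 to 14) records key create/delete, value set and rename, not key enumeration or value queries, so this behaviour only shows up if the key carries a SACL with the Audit Registry subcategory enabled (Security event 4663) or if EDR telemetry records registry reads. The example below is added here and is not the sandbox's detection logic: it reduces constructed 4663 events to the fields that matter, recognises the Uninstall key in the native \REGISTRY\MACHINE and \REGISTRY\USER\<SID> object-name form, keeps only read/enumerate access masks, and reports processes running outside an assumed set of trusted directories. The events, the process path and the trusted-directory allowlist are constructed and are assumptions, not observations from this report.

```python
"""Spot processes enumerating the Uninstall registry key in Security event 4663 data.

Added example, not part of the sandbox report. The events, process paths and the
trusted-directory allowlist are constructed/assumed for the demo.
"""
import re

# Registry access rights from winnt.h that correspond to reading installed-software entries.
KEY_QUERY_VALUE = 0x0001
KEY_ENUMERATE_SUB_KEYS = 0x0008

# 4663 reports ObjectName in native form: \REGISTRY\MACHINE\... or \REGISTRY\USER\<SID>\...
UNINSTALL_KEY_RE = re.compile(
    r"^\\REGISTRY\\(?:MACHINE|USER\\[^\\]+)\\SOFTWARE\\(?:Wow6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)

# Assumption for the demo: binaries under these roots are expected to read Uninstall entries.
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")

SAMPLE_PATH = r"C:\Users\victim\AppData\Local\Temp\sample.exe"  # constructed, not observed
HKLM_UNINSTALL = r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
HKLM_UNINSTALL_WOW = r"\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
HKCU_UNINSTALL = (r"\REGISTRY\USER\S-1-5-21-1111111111-2222222222-3333333333-1001"
                  r"\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall")

# Constructed 4663 events reduced to the fields the logic needs (not from the report).
SAMPLE_EVENTS = [
    {"event_id": 4663, "process": r"C:\Windows\explorer.exe",
     "object": HKLM_UNINSTALL, "access_mask": KEY_ENUMERATE_SUB_KEYS},
    {"event_id": 4663, "process": SAMPLE_PATH,
     "object": HKLM_UNINSTALL, "access_mask": KEY_ENUMERATE_SUB_KEYS},
    {"event_id": 4663, "process": SAMPLE_PATH,  # reading DisplayName of one entry
     "object": HKLM_UNINSTALL + r"\{00000000-0000-0000-0000-000000000001}",
     "access_mask": KEY_QUERY_VALUE},
    {"event_id": 4663, "process": SAMPLE_PATH,
     "object": HKLM_UNINSTALL_WOW, "access_mask": KEY_ENUMERATE_SUB_KEYS},
    {"event_id": 4663, "process": SAMPLE_PATH,
     "object": HKCU_UNINSTALL, "access_mask": KEY_ENUMERATE_SUB_KEYS},
    {"event_id": 4663, "process": SAMPLE_PATH,  # KEY_SET_VALUE on Run: a different behaviour
     "object": r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
     "access_mask": 0x0002},
    {"event_id": 4663, "process": r"C:\Windows\System32\msiexec.exe",
     "object": HKLM_UNINSTALL, "access_mask": KEY_ENUMERATE_SUB_KEYS},
]


def is_uninstall_key(object_name):
    """True for the Uninstall key itself or any of its per-product subkeys."""
    return UNINSTALL_KEY_RE.match(object_name) is not None


def hive_of(object_name):
    """Map the native object name to the hive a reader would recognise."""
    return "HKCU" if object_name.upper().startswith("\\REGISTRY\\USER\\") else "HKLM"


def summarize(events):
    """Per process: count of read/enumerate accesses to Uninstall keys and hives touched."""
    per_proc = {}
    for ev in events:
        if ev["event_id"] != 4663 or not is_uninstall_key(ev["object"]):
            continue
        if not ev["access_mask"] & (KEY_QUERY_VALUE | KEY_ENUMERATE_SUB_KEYS):
            continue  # writes/deletes are a different signature
        s = per_proc.setdefault(ev["process"], {"events": 0, "hives": set()})
        s["events"] += 1
        s["hives"].add(hive_of(ev["object"]))
    return per_proc


def suspicious_enumerators(events):
    """Processes outside TRUSTED_DIRS that read Uninstall entries, sorted by path."""
    return sorted(proc for proc in summarize(events)
                  if not proc.lower().startswith(TRUSTED_DIRS))


if __name__ == "__main__":
    for proc, s in summarize(SAMPLE_EVENTS).items():
        print(f"{proc}: {s['events']} Uninstall read(s) across {sorted(s['hives'])}")
    print("suspicious:", suspicious_enumerators(SAMPLE_EVENTS))
```

On the constructed events only the binary under the user's Temp directory is reported: it touches both hives (and the Wow6432Node view) with four read/enumerate accesses, while explorer.exe and msiexec.exe are dropped by the allowlist and the write to the Run key is ignored because it is not a read of the Uninstall key. A path allowlist is a coarse filter; in production, tune it to what actually reads that key in your environment.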