General
-
Target
ef07387febb171883e5b15b03b220cb78691601716b7d2dc0cc5f1373b50d61b
-
Size
347KB
-
Sample
220515-xv3tnafca8
-
MD5
086fba22ee6ad950cb980aa2452ed0de
-
SHA1
6e1ddacd78e52a5088608957339b589359e565b9
-
SHA256
ef07387febb171883e5b15b03b220cb78691601716b7d2dc0cc5f1373b50d61b
-
SHA512
ceb00eec284644d7ce439d41109695df64d8009c3178ede3a19419fb630db9344d8d3df495d0d12dc48674083947baa991699bb4b411d2b924d1c2862640a7b1
Static task
static1
Malware Config
Extracted
redline
51
193.106.191.182:23196
-
auth_value
21351f5b8358ade7446b0c10ec81735e
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-