General
Target: df5e1c28a977446f3cb06300e645ee20.exe
Size: 347KB
Sample: 220516-g92l5sfea3
MD5: df5e1c28a977446f3cb06300e645ee20
SHA1: 7909aba88dbede10621b2f178b965f60a851905e
SHA256: 043fefce38431a825ec0ee15bb352c7a95fd3332fd346d81c5b3f87f16b02f1d
SHA512: 198da1b836ef61cfb51610630edc932420a8f5ff1f95b9fdbe5671607b147a226380dd49e35124c34b42ce22c981b99655e59d08dc38063a35602609ebc98b03
Static task: static1
Behavioral task: behavioral1
Sample: df5e1c28a977446f3cb06300e645ee20.exe
Resource: win7-20220414-en
Malware Config
Extracted
redline
top
iclarinyerac.xyz:80
manellylarii.xyz:80
auth_value: b66a08c69f913be894bbfce00805fab1
Targets
Target: df5e1c28a977446f3cb06300e645ee20.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.