General
Target: fdbd823d5dd58286a119257a76e5c430.exe
Size: 347KB
Sample: 220516-hcw6tshhgm
MD5: fdbd823d5dd58286a119257a76e5c430
SHA1: 6f812221a034e8ce2f324dc03ae2bcb020a3a60a
SHA256: d8e8134f089b633b3ab11656e438a40c02e2c4c50408a781354edfa54c7125aa
SHA512: 007bf4922b103dc91773c8e72b97eee8790a978f0b5751febd7ef14cee143b54433ef682817d5fb56935729e7f7a912c3335d68032c363c7df7087a74baf5aca

Static task: static1
Behavioral task: behavioral1
Sample: fdbd823d5dd58286a119257a76e5c430.exe
Resource: win7-20220414-en

Malware Config
Extracted
redline
top
iclarinyerac.xyz:80
manellylarii.xyz:80
auth_value: b66a08c69f913be894bbfce00805fab1
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.