General
-
Target
6ec027055c0683fd0857340e20051a356f9def7f0ac7e6a3ceaf49152d498046
-
Size
345KB
-
Sample
220516-jxpsxsacfp
-
MD5
dc9d8e96671c61c5cb8de64efe469ebb
-
SHA1
7c817c5568c03140c43a0d31a1d2f0f711d11f5b
-
SHA256
6ec027055c0683fd0857340e20051a356f9def7f0ac7e6a3ceaf49152d498046
-
SHA512
1224c48962197e4c95e72fd3a43f261a2b241085f82aa6420f368ad5217c8b450b54026b6346dd495abc62017688b6486289bbda7d885ab17d8bd2f3a0175bd7
Static task
static1
Malware Config
Extracted
redline
top
iclarinyerac.xyz:80
manellylarii.xyz:80
-
auth_value
b66a08c69f913be894bbfce00805fab1
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-