General
Target: 4dbbeccd73511b4841dbac98c7129671d2281318abdd997ee85a9e0529536cd0
Size: 345KB
Sample: 220516-lhbc4aagdk
MD5: 7548b3e564b7b358d53aa55e4b35d3d4
SHA1: 790a8d6364a557805f67c0b0d4ada23beb0b4ea8
SHA256: 4dbbeccd73511b4841dbac98c7129671d2281318abdd997ee85a9e0529536cd0
SHA512: 79a40815e29d80b1b46a113ca095ce36d326eaa588b83c95f5fb6cfe7dfd31cd151b6e2e16139c940708a54a644aabecc90f8ff1e735f75646bb90227e59fbbb
Static task
static1
Malware Config
Extracted
redline
51
193.106.191.182:23196
auth_value: 21351f5b8358ade7446b0c10ec81735e
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.