General
-
Target
390eeeda15e3d39c80e353464d36beb1c7d017cd308129493e490108d1c093cf
-
Size
431KB
-
Sample
220516-v8yqraedck
-
MD5
e7b96d88cac80398700ee2a5da41d67b
-
SHA1
ef85db9a2ef353d97bb074d330b44d72d016ae47
-
SHA256
390eeeda15e3d39c80e353464d36beb1c7d017cd308129493e490108d1c093cf
-
SHA512
eec95f529c23f7a99810449d382fbd24efbcb0229b70b3ccaadd8214b1d1ba419d5176140bebf2781d5ee997487dd41d5c340866e76541a747aed53e3a4ddca9
Static task
static1
Malware Config
Extracted
redline
test1
185.215.113.75:80
-
auth_value
7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-