General
Target: aafa1b6a152aa6acf1c44624ca7c32003b9da842e4af6007729f20b7757b4a95
Size: 430KB
Sample: 220516-w6smdsbgf8
MD5: 0737338e5571813b061d41d23990d82d
SHA1: 80c84ee006440b565b984c58062c911192753c6b
SHA256: aafa1b6a152aa6acf1c44624ca7c32003b9da842e4af6007729f20b7757b4a95
SHA512: a03bff9e4d9f6d900d761343ec0886b0e86c92bba24e67c32645b70a12954e2595ef710ad209c32f1419b009221a280dcef3e99accb568d2f5509b569309c3ed
Static task
static1
Malware Config
Extracted
redline
51
193.106.191.182:23196
auth_value: 21351f5b8358ade7446b0c10ec81735e
Targets
Target: aafa1b6a152aa6acf1c44624ca7c32003b9da842e4af6007729f20b7757b4a95

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.