General
Target: bf6b0d690b0a8000eb9d173977c91675e8c5da6afc428b4d8819fc3e82aa4be5
Size: 434KB
Sample: 220517-25zxzadahr
MD5: ec43dc48aac68a5f149e32c99262c441
SHA1: 389949e8911ae73abfe9d3401467f75767a99f1a
SHA256: bf6b0d690b0a8000eb9d173977c91675e8c5da6afc428b4d8819fc3e82aa4be5
SHA512: 29fbf897af9cda3470136e90f1198116e7a4a78d849b536aa4679770f325e95e189a02259a7808d9e2eff0df427c205c962e683cb14c5aa5fe94264308a3b1ed
Static task
static1
Malware Config
Extracted
redline
test1
185.215.113.75:80
auth_value: 7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.