General
Target: a29c581429ca43470223b40d327fab0b79d4a46f2c34ce8a88ae0f5666aad707
Size: 394KB
Sample: 220518-x1639sfggm
MD5: a53a33f018dd518277d0d30877b8d5df
SHA1: 641235cbc5dff8cc28e060465fe1ecc26222465b
SHA256: a29c581429ca43470223b40d327fab0b79d4a46f2c34ce8a88ae0f5666aad707
SHA512: 26164f6be50753b9b90082e07715cce9e949fd7e53c639b5b16e9eba4e980c9ba3c6418fd93eeb8c8ea8bf8f1edb43400a34a91eb872c93dfcfce4fbc26a0840
Static task
static1
Malware Config
Extracted
redline
test1
185.215.113.75:80
auth_value: 7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.