General
-
Target
fc1fdd91413f172a81d3960078dcbfd7f00281091552432b1c25cd034923dd18
-
Size
395KB
-
Sample
220518-ztb1nadhe9
-
MD5
98e595d60b6083338e65fea5740c10e3
-
SHA1
8c118ab165e1cb3b19e611877af11fa98f49b6a0
-
SHA256
fc1fdd91413f172a81d3960078dcbfd7f00281091552432b1c25cd034923dd18
-
SHA512
7632673175d76ff80ba023c3e4472b78e6a5e59f287cabbabd659c3a331a997d9b3b22041375fc00018d65302500afaee160c959886a2f99cee211950d1d9382
Static task
static1
Malware Config
Extracted
redline
test1
185.215.113.75:80
-
auth_value
7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
-
Target
fc1fdd91413f172a81d3960078dcbfd7f00281091552432b1c25cd034923dd18
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-