General
Target: 0f8c8d8785a7fed85753bdfa7653f8708cfbfade43c7d614bffbb3873a2a3cd6
Size: 384KB
Sample: 220520-pfxp4abdd3
MD5: 5b6a29fb6ee5985a9058454834b6432a
SHA1: 941c6a80e9b514a988ed344f8ad966a4438a71d4
SHA256: 0f8c8d8785a7fed85753bdfa7653f8708cfbfade43c7d614bffbb3873a2a3cd6
SHA512: 14969b83590c755f8dcb8b7e5369fa1b8e1acf9363e022059e72479b6784a3cf7ec68ecbd57cfceef090eda17254bd4ca21ed9605feaa10e244ade2ea05cacf8
Static task
static1

Malware Config
Extracted
Family: redline
Botnet: test1
C2: 185.215.113.75:80
auth_value: 7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.