General
Target: 9bef96548681a4735f8e0fb29f5d60aa9d1dbeab65ff0e0f0584f1d49d436124
Size: 384KB
Sample: 220520-x1bmcscee7
MD5: ff242b68cfc12012733bffb45b7e23cf
SHA1: 55ed0c670edc2689ef49cc84a751e8351a646759
SHA256: 9bef96548681a4735f8e0fb29f5d60aa9d1dbeab65ff0e0f0584f1d49d436124
SHA512: 315458b47ac61bd8a9b4e77f0555cb81d73f96cd956dc7146218dcc93668b59656379053e1e6328338196a5e9a929f4f1cd89041bfd1e33791d0dba978b2d0cd
Static task: static1

Malware Config (extracted)
Family: redline
Botnet: test1
C2: 185.215.113.75:80
auth_value: 7ab4a4e2eae9eb7ae10f64f68df53bb3
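The extracted configuration is directly usable as indicators: the C2 endpoint for network hunting, and the auth_value string for tying other samples to the same build. The following is an added example (not part of this report and not code from the sandbox or from the RedLine family) that turns the config into a matcher and runs it over constructed log lines; the log format ("timestamp src -> dst:port action"), the hosts and the strings output are all assumptions, not data from this analysis.

```python
import re
from dataclasses import dataclass

# Values copied from the extracted config above.
C2_HOST = "185.215.113.75"
C2_PORT = 80
AUTH_VALUE = "7ab4a4e2eae9eb7ae10f64f68df53bb3"

# Constructed sample egress log (assumed format, not taken from the report).
SAMPLE_LOG = """\
2022-05-20T14:01:02Z 10.0.0.12 -> 142.250.74.46:443 ALLOW
2022-05-20T14:01:09Z 10.0.0.12 -> 185.215.113.75:80 ALLOW
2022-05-20T14:01:11Z 10.0.0.33 -> 185.215.113.75:443 ALLOW
2022-05-20T14:02:40Z 10.0.0.12 -> 185.215.113.75:80 ALLOW
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+->\s+(?P<dst>[^:\s]+):(?P<port>\d+)\s+(?P<action>\S+)$"
)


@dataclass(frozen=True)
class Hit:
    ts: str
    src: str
    dst: str
    port: int


def find_c2_hits(log_text, host=C2_HOST, port=C2_PORT, strict_port=True):
    """Return every log line whose destination is the extracted C2.

    With strict_port=True only the configured port counts; with False any
    port on the C2 host is reported, which is the safer hunting setting
    because the same infrastructure is often reused on other ports.
    """
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["dst"] != host:
            continue
        p = int(m["port"])
        if strict_port and p != port:
            continue
        hits.append(Hit(m["ts"], m["src"], m["dst"], p))
    return hits


def affected_hosts(hits):
    """Distinct internal sources that talked to the C2."""
    return sorted({h.src for h in hits})


def same_build(strings_output):
    """True if a sample's printable strings carry both this build's C2 and auth_value.

    The auth_value is treated purely as a string indicator here; nothing about
    how the sample uses it is assumed.
    """
    return f"{C2_HOST}:{C2_PORT}" in strings_output and AUTH_VALUE in strings_output


# Constructed `strings` output for a hypothetical second sample (assumption).
SAMPLE_STRINGS = "\n".join([
    "System.Net.Sockets",
    "185.215.113.75:80",
    "7ab4a4e2eae9eb7ae10f64f68df53bb3",
    "Yandex\\YaAddon",
])

if __name__ == "__main__":
    hits = find_c2_hits(SAMPLE_LOG)
    print(f"{len(hits)} C2 connections from {affected_hosts(hits)}")
    print("second sample is same build:", same_build(SAMPLE_STRINGS))
```

Run against real proxy or firewall exports, the strict-port pass gives the confirmed infections and the loose pass gives the leads worth checking.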
Targets
Target: 9bef96548681a4735f8e0fb29f5d60aa9d1dbeab65ff0e0f0584f1d49d436124
Size: 384KB
MD5: ff242b68cfc12012733bffb45b7e23cf
SHA1: 55ed0c670edc2689ef49cc84a751e8351a646759
SHA256: 9bef96548681a4735f8e0fb29f5d60aa9d1dbeab65ff0e0f0584f1d49d436124
SHA512: 315458b47ac61bd8a9b4e77f0555cb81d73f96cd956dc7146218dcc93668b59656379053e1e6328338196a5e9a929f4f1cd89041bfd1e33791d0dba978b2d0cd
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
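The software-enumeration signature fires on a process walking the per-product subkeys under the Windows Uninstall keys (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node view, and the per-user copy under HKCU). The following is an added example, not code from this report or from the sandbox, showing that detection logic over a constructed registry API trace; the trace format ("pid=<n> <api> <path>"), the process IDs and the product names are assumptions. A benign process that reads one product's entry is included to show why the check counts distinct subkeys rather than any single access.

```python
import re
from collections import defaultdict

# Constructed API trace (assumed format; the report above carries no raw API log).
SAMPLE_TRACE = r"""
pid=4120 RegOpenKeyExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
pid=4120 RegEnumKeyExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
pid=4120 RegQueryValueExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName
pid=4120 RegEnumKeyExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
pid=4120 RegQueryValueExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName
pid=4120 RegEnumKeyExW HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 100.0 (x64 en-US)
pid=4120 RegEnumKeyExW HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
pid=900 RegOpenKeyExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
pid=900 RegQueryValueExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayVersion
"""

TRACE_RE = re.compile(r"^pid=(?P<pid>\d+)\s+(?P<api>\w+)\s+(?P<path>.+)$")

# One subkey per installed product lives directly under each of these keys:
# the native view, the 32-bit WOW6432Node view, and the per-user hive.
UNINSTALL_RE = re.compile(
    r"^(?:HKEY_LOCAL_MACHINE|HKLM|HKEY_CURRENT_USER|HKCU)\\Software\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall\\(?P<subkey>[^\\]+)",
    re.IGNORECASE,
)


def uninstall_subkeys_by_pid(trace):
    """Map pid -> set of distinct Uninstall product subkeys that process touched."""
    seen = defaultdict(set)
    for line in trace.splitlines():
        m = TRACE_RE.match(line.strip())
        if not m:
            continue
        k = UNINSTALL_RE.match(m["path"])
        if k:
            seen[int(m["pid"])].add(k["subkey"])
    return dict(seen)


def flag_software_enumeration(trace, min_products=3):
    """Pids that walked at least `min_products` distinct product entries.

    A single entry lookup is normal (installers checking their own key);
    sweeping many entries in one process is the inventory behaviour the
    signature describes.
    """
    return sorted(
        pid for pid, keys in uninstall_subkeys_by_pid(trace).items()
        if len(keys) >= min_products
    )


if __name__ == "__main__":
    for pid, keys in uninstall_subkeys_by_pid(SAMPLE_TRACE).items():
        print(pid, sorted(keys))
    print("flagged:", flag_software_enumeration(SAMPLE_TRACE))
```

The threshold is the tunable part: on hosts with many installed products a stealer's sweep touches dozens of entries, so a low threshold costs little and the benign single-entry readers stay below it.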