General
Target: dae9d15a9a3ca2581fc5296edf1c742a27b13ac648252889adf8ed1ab0fc7531
Size: 407KB
Sample: 220521-kzj6wseebn
MD5: a1c625cf31ecf5dc4330639f616dfab5
SHA1: 1d7a84575a5c5e082ff612407992278d3a3e7d6f
SHA256: dae9d15a9a3ca2581fc5296edf1c742a27b13ac648252889adf8ed1ab0fc7531
SHA512: 8a642a53d1d7d43d97bd66f96aa6d35a1153a22b6e8a36efb7c57a8df7f4d4ce7b85d05574d996cff55d73017836e63ace0d881da941784d32fbee8ce54c874f
Static task: static1
Malware Config
Extracted
Family: redline
Botnet: test1
C2: 185.215.113.75:80
auth_value: 7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
Target: dae9d15a9a3ca2581fc5296edf1c742a27b13ac648252889adf8ed1ab0fc7531 (size and MD5/SHA1/SHA256/SHA512 as listed under General above)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the per-user HKCU equivalent) to enumerate the software installed on the host. This is the same enumeration a legitimate installer or inventory tool performs, so on its own it is a weak signal; it is meaningful here in combination with the extracted C2 and the wallet-file access above.
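The indicators above (sample hashes and the extracted RedLine C2) are only useful if they are actually hunted for. The following added example, which is not part of this report and not tooling from the sandbox, takes the hashes and C2 host:port listed on this page and runs them over two constructed log sources: a connection log and a file-hash log. The log line formats, host names and paths are assumptions made for the example; the hits are split into exact C2 host:port matches and same-host/other-port matches so that an analyst can triage the lower-confidence ones separately.

```python
"""Hunt for the indicators listed in this report in constructed connection and file-hash logs."""
from dataclasses import dataclass
from typing import Iterable, Optional

# Indicators copied from this report page (sample hashes and RedLine C2).
SAMPLE_HASHES = {
    "md5": "a1c625cf31ecf5dc4330639f616dfab5",
    "sha1": "1d7a84575a5c5e082ff612407992278d3a3e7d6f",
    "sha256": "dae9d15a9a3ca2581fc5296edf1c742a27b13ac648252889adf8ed1ab0fc7531",
}
C2_HOST = "185.215.113.75"
C2_PORT = 80

# Expected hex-digest lengths, used to reject malformed hash fields.
DIGEST_LEN = {"md5": 32, "sha1": 40, "sha256": 64}


@dataclass(frozen=True)
class Hit:
    kind: str       # "c2_connection", "c2_ip_other_port" or "known_hash"
    line_no: int    # 1-based line number in the scanned log
    detail: str


def parse_conn(line: str) -> Optional[tuple]:
    """Parse a constructed connection-log line (assumed format):
    '<ts> <src_ip> <src_port> <dst_ip> <dst_port> <proto>'. Returns (dst_ip, dst_port)."""
    parts = line.split()
    if len(parts) < 6:
        return None
    try:
        return parts[3], int(parts[4])
    except ValueError:
        return None


def scan_connections(lines: Iterable[str]) -> list:
    """Flag traffic to the extracted C2. Exact host:port is a high-confidence hit;
    the same host on another port is reported separately for analyst review."""
    hits = []
    for n, line in enumerate(lines, 1):
        parsed = parse_conn(line)
        if parsed is None:
            continue
        dst_ip, dst_port = parsed
        if dst_ip != C2_HOST:
            continue
        kind = "c2_connection" if dst_port == C2_PORT else "c2_ip_other_port"
        hits.append(Hit(kind, n, f"{dst_ip}:{dst_port}"))
    return hits


def parse_hash_field(field: str) -> Optional[tuple]:
    """Parse 'algo=hexdigest', normalising case and rejecting bad lengths or non-hex."""
    algo, sep, digest = field.partition("=")
    algo, digest = algo.lower(), digest.lower()
    if not sep or algo not in DIGEST_LEN or len(digest) != DIGEST_LEN[algo]:
        return None
    if any(c not in "0123456789abcdef" for c in digest):
        return None
    return algo, digest


def scan_file_events(lines: Iterable[str]) -> list:
    """Flag file events whose digest matches the sample. Assumed constructed format:
    '<ts> <host> <path> <algo>=<hexdigest>' (paths without spaces in this toy format)."""
    hits = []
    for n, line in enumerate(lines, 1):
        parts = line.split()
        if len(parts) < 4:
            continue
        parsed = parse_hash_field(parts[-1])
        if parsed is None:
            continue
        algo, digest = parsed
        if SAMPLE_HASHES[algo] == digest:
            hits.append(Hit("known_hash", n, f"{parts[1]} {parts[2]} ({algo})"))
    return hits


# Constructed sample logs (not from the report). Hosts, paths and the non-C2 addresses are made up.
CONN_LOG = [
    "2022-05-21T10:00:01Z 10.0.0.5 51234 93.184.216.34 443 tcp",
    "2022-05-21T10:00:07Z 10.0.0.5 51240 185.215.113.75 80 tcp",
    "2022-05-21T10:00:09Z 10.0.0.9 51241 185.215.113.75 8080 tcp",
    "malformed line that must be skipped",
]
FILE_LOG = [
    "2022-05-21T09:59:58Z WS01 C:\\Users\\a\\Downloads\\setup.exe sha256=DAE9D15A9A3CA2581FC5296EDF1C742A27B13AC648252889ADF8ED1AB0FC7531",
    "2022-05-21T10:00:00Z WS02 C:\\Windows\\notepad.exe sha256=0000000000000000000000000000000000000000000000000000000000000000",
    "2022-05-21T10:00:02Z WS03 C:\\Temp\\x.bin md5=a1c625cf31ecf5dc4330639f616dfab5",
    "2022-05-21T10:00:03Z WS04 C:\\Temp\\y.bin sha1=notahexdigest",
]

if __name__ == "__main__":
    for hit in scan_connections(CONN_LOG) + scan_file_events(FILE_LOG):
        print(hit)
```

The port-agnostic match is deliberate: C2 hosts for commodity stealers are routinely re-used on other ports, so an exact-port rule alone would miss a re-deployed panel, while the split into two hit kinds keeps the high-confidence alert clean.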