General
Target: 9c57f3c93142e0638e6cd548691aef43dd3c879456a240fb6dbe0949114d61ea
Size: 416KB
Sample: 220521-r1v34schhl
MD5: 221f4ec8379708e984bcdec9b9c6ab80
SHA1: be6d6ab17a4deb02640edaad468603b4b813bf49
SHA256: 9c57f3c93142e0638e6cd548691aef43dd3c879456a240fb6dbe0949114d61ea
SHA512: cf1cf51c57dee52d91fe30e3f7adebbdcc857266243bb1db50887ccb66b052a1b87add61547f338a1daa6269f67aea24d406fd99dcf7476967646f26fd00659d
Static task: static1

Malware Config
Extracted: redline
Ruzki
193.233.48.58:38989
auth_value: 80c38cc7772c328c028b0e4f42a3fac6
Targets
Target: 9c57f3c93142e0638e6cd548691aef43dd3c879456a240fb6dbe0949114d61ea (416KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.