General

Target: 88273d6853a74113616beb04d419eaae786646e358aa158d8f204890f385c779
Size: 416KB
Sample: 220521-skprtshgh5
MD5: 3f9fa9eda535e8bbba665fb4466fd64d
SHA1: 50737150378d24054642505217458cd33de9e36e
SHA256: 88273d6853a74113616beb04d419eaae786646e358aa158d8f204890f385c779
SHA512: 413d9a05088c3bcf4bb1dcea6e4f2e09c9f99c920dbba883ed0e8715694a8baaa1034a2ab7a77c50c679e1565fb2ea85931f85c5fec0eb6c64474c971a588772

Static task: static1

Behavioral task: behavioral1
Sample: 88273d6853a74113616beb04d419eaae786646e358aa158d8f204890f385c779.exe
Resource: win10-20220414-en

Malware Config

Extracted
Family: redline
Botnet: RuzkiUNIKALNO
C2: 193.233.48.58:38989
auth_value: c504b04cfbdd4bf85ce6195bcb37fba6

Targets

Target: 88273d6853a74113616beb04d419eaae786646e358aa158d8f204890f385c779
Size: 416KB
MD5: 3f9fa9eda535e8bbba665fb4466fd64d
SHA1: 50737150378d24054642505217458cd33de9e36e
SHA256: 88273d6853a74113616beb04d419eaae786646e358aa158d8f204890f385c779
SHA512: 413d9a05088c3bcf4bb1dcea6e4f2e09c9f99c920dbba883ed0e8715694a8baaa1034a2ab7a77c50c679e1565fb2ea85931f85c5fec0eb6c64474c971a588772

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.