General
Target: ed9a85e47fc56dacb4752f85a08e3b940303e1f176b75ebb0ee1b269e428be8a
Size: 415KB
Sample: 220521-t8sn3aaca4
MD5: 51e5df119d5ff3d70a27c7c9cf03d394
SHA1: 78c5e835cb6a19ede70451223b12dccec09cc9d3
SHA256: ed9a85e47fc56dacb4752f85a08e3b940303e1f176b75ebb0ee1b269e428be8a
SHA512: f25dd72a6ef8ce36ae21153a80c57c679c78313b6c8940c4d233cfedb2e7ddee033c17cb1b398bcfd10bfec2f0b751d4e5cbbba8477663ecfffd4444ce4c82d8
Static task: static1

Malware Config (extracted)
Family: redline
Botnet: Ruzki
C2: 193.233.48.58:38989
auth_value: 80c38cc7772c328c028b0e4f42a3fac6
Targets
Target: ed9a85e47fc56dacb4752f85a08e3b940303e1f176b75ebb0ee1b269e428be8a (hashes as listed under General above)
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software installed on the system.