General
- Target: 390d59f202a84419e6cec97ffde2131e82e92fb9dcbe4a904b7b2eee7abaaf63
- Size: 407KB
- Sample: 220521-wax71adgam
- MD5: 71bce7d3dc09587a7f7b776d516d8875
- SHA1: 6367692ad19ab9947f406d82bbffbc09eccb89db
- SHA256: 390d59f202a84419e6cec97ffde2131e82e92fb9dcbe4a904b7b2eee7abaaf63
- SHA512: d67d12723b3a8867aa4720ca3607180ff2ec86c81fb657adf7caa704511569363a962b8023082933f33b6388ae58e93203c8c928f08e95e98e62ad40ccb1248e
Static task
- static1

Malware Config
Extracted
- redline
- test1
- 185.215.113.75:80
- auth_value: 7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
- Target: 390d59f202a84419e6cec97ffde2131e82e92fb9dcbe4a904b7b2eee7abaaf63
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.