General
Target: 194c47ca1824071873b16ed49e373f5109ced8eedc694dbbca5878a02cac16c8
Size: 416KB
Sample: 220521-wfkh4aadh4
MD5: d32413bbfc52ec23d1d28be9162a8f39
SHA1: 64e5eeb5e1e873bd0f2ec9b89ff56db0c312d842
SHA256: 194c47ca1824071873b16ed49e373f5109ced8eedc694dbbca5878a02cac16c8
SHA512: 66401b51a2b8c7cfdde474f38388f61df5162e810c13a1c0138006007ef3aa559c266a0d225c73714545cea4c52fb502b17a2dfb8a7346fe8800cd9c8332b43e

Static task: static1

Malware Config
Extracted: redline
Ruzki
193.233.48.58:38989
auth_value: 80c38cc7772c328c028b0e4f42a3fac6

Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.