General
Target: 94dd57da5bf05c349b001125cdf496136dec0cb621c726da2bd8245fdb18d5db
Size: 407KB
Sample: 220522-cawjmaeff5
MD5: 1a29f593a9e7838e6364b59fffd342c1
SHA1: eac41cfc24cc5d2e05f642408b39ba56ceb27e6e
SHA256: 94dd57da5bf05c349b001125cdf496136dec0cb621c726da2bd8245fdb18d5db
SHA512: d57eb305f20ced237b45acf3a88cd8857e7862f477c9da9291acee3cab25248344cfb8a856007bb674e334f42c8a8a9b3b478ed04dcf1f2588de4961585f0f74
Static task
static1
Malware Config
Extracted
redline
meta1
193.106.191.182:23196
auth_value: 9a16ce2cecb89012977449117f5e8d58
Targets
Target
94dd57da5bf05c349b001125cdf496136dec0cb621c726da2bd8245fdb18d5db
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.