General
-
Target
c946e25af5090819345379f0a23e619b263dc5e08f2300fea2e7dd3d11bd967f
-
Size
407KB
-
Sample
220522-eyrxfsfcb3
-
MD5
f5a2f198d923a28a247682078681d2ed
-
SHA1
0d498e2a4eb99068285852ea096de476fe624da4
-
SHA256
c946e25af5090819345379f0a23e619b263dc5e08f2300fea2e7dd3d11bd967f
-
SHA512
df4cd575d080e60873e73bbe9a91f58932e439afc795330e1feda30c9e1e9e96277075b124edf916a9ca1cc3b9ea624b5155ddd37911032770b490760110eb9e
Static task
static1
Malware Config
Extracted
redline
meta1
193.106.191.182:23196
-
auth_value
9a16ce2cecb89012977449117f5e8d58
Targets
-
-
Target
c946e25af5090819345379f0a23e619b263dc5e08f2300fea2e7dd3d11bd967f
-
Size
407KB
-
MD5
f5a2f198d923a28a247682078681d2ed
-
SHA1
0d498e2a4eb99068285852ea096de476fe624da4
-
SHA256
c946e25af5090819345379f0a23e619b263dc5e08f2300fea2e7dd3d11bd967f
-
SHA512
df4cd575d080e60873e73bbe9a91f58932e439afc795330e1feda30c9e1e9e96277075b124edf916a9ca1cc3b9ea624b5155ddd37911032770b490760110eb9e
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-