General
- Target: a3ba2e2b0d8202fe56ae33251757aca95e286e232bd6d2bc2f369b5dbfdc7b4b
- Size: 407KB
- Sample: 220522-kms82achaq
- MD5: 44892f3e2d0aa6a5cccf55b1d0f7edd1
- SHA1: 7a316981fa81268c4c8087f5745e34c0eb603f24
- SHA256: a3ba2e2b0d8202fe56ae33251757aca95e286e232bd6d2bc2f369b5dbfdc7b4b
- SHA512: 5ba80212955bdf283cddddc8e72fec71211f1e5a9f05f259461482ec2616c6f37638e0941939fda0ee30c364b242848d488aabb13eb34b71e0807a66a4fce891
Static task
- static1

Malware Config
Extracted
- redline
- meta1
- 193.106.191.182:23196
- auth_value: 9a16ce2cecb89012977449117f5e8d58
Targets
- Target: a3ba2e2b0d8202fe56ae33251757aca95e286e232bd6d2bc2f369b5dbfdc7b4b
- Size: 407KB
- MD5: 44892f3e2d0aa6a5cccf55b1d0f7edd1
- SHA1: 7a316981fa81268c4c8087f5745e34c0eb603f24
- SHA256: a3ba2e2b0d8202fe56ae33251757aca95e286e232bd6d2bc2f369b5dbfdc7b4b
- SHA512: 5ba80212955bdf283cddddc8e72fec71211f1e5a9f05f259461482ec2616c6f37638e0941939fda0ee30c364b242848d488aabb13eb34b71e0807a66a4fce891
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.