General
Target: 7eff2adacdc960feb3c3fdd52da4e9c9fad7d5a295df089ad115b30b1e451a73
Size: 408KB
Sample: 220522-rrysmsaec4
MD5: ecdb4977713b0f6e5683f6fad19d9145
SHA1: 720a4dc2410cdc6c555bb1efdc05899609b8a01f
SHA256: 7eff2adacdc960feb3c3fdd52da4e9c9fad7d5a295df089ad115b30b1e451a73
SHA512: 31d2f022e62143a006acf2b0b16e1ed2baa3ffa246fdb0e43575d4fd775990491764aa3c81ddd49a848497979c7c0d63afc95f9915d923afcc7cf743fd6205a9
Static task
static1
Malware Config
Extracted
redline
meta1
193.106.191.182:23196
-
auth_value
9a16ce2cecb89012977449117f5e8d58
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-