General
Target: bb00b614f671754f82324228aee510dd81d2dc13a3016df618ad134656a41a48
Size: 384KB
Sample: 220523-a1tfvabbh8
MD5: 1d85b4a92bed676d6c22204fa11be8d7
SHA1: ae4893a64e3e0f5cd2eeb0f06d64eb41805b26fb
SHA256: bb00b614f671754f82324228aee510dd81d2dc13a3016df618ad134656a41a48
SHA512: ba414d5418a9aff3720daab4048ef63c9e24b701125e7d24ee155a21e56858b53f889ca9f931596c67b51627c747f67453066025fb6ddf73d8fb1fbbbeb1f8c0
Static task
static1

Malware Config
Extracted
Family: redline
Botnet: meta1
C2: 193.106.191.182:23196
auth_value: 9a16ce2cecb89012977449117f5e8d58
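The extracted configuration and the file hashes are the indicators a responder would sweep for. The following is an added example (not part of the sandbox report and not RedLine code) that matches the report's hashes and C2 endpoint against a few constructed log lines: a Zeek-style connection record and a Sysmon-style process-creation line. The log lines are made up for illustration; the hash values and the C2 address are the ones extracted above. The auth_value is a per-build token carried inside the C2 protocol, so the sweep does not try to match it in connection metadata.

```python
"""IOC sweep for the RedLine sample in this report.

Added example, not part of the sandbox report. The log lines below are
constructed for illustration; the hashes and the C2 endpoint are the ones
the report extracted.
"""
import re

# Indicators lifted from the report.
SAMPLE_HASHES = {
    "md5": "1d85b4a92bed676d6c22204fa11be8d7",
    "sha1": "ae4893a64e3e0f5cd2eeb0f06d64eb41805b26fb",
    "sha256": "bb00b614f671754f82324228aee510dd81d2dc13a3016df618ad134656a41a48",
    "sha512": "ba414d5418a9aff3720daab4048ef63c9e24b701125e7d24ee155a21e56858b5"
              "3f889ca9f931596c67b51627c747f67453066025fb6ddf73d8fb1fbbbeb1f8c0",
}
C2_HOST, C2_PORT = "193.106.191.182", 23196

# Hash algorithm is inferred from the hex-digest length.
HEX_LEN_TO_ALGO = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}
HEX_RE = re.compile(r"\b[0-9a-fA-F]{32,128}\b")
# "ip:port", "ip port" (Zeek) and "ip dpt=port" (iptables/firewall) forms.
ENDPOINT_RE = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3})[:\s]+(?:dpt=)?(\d{1,5})\b")


def find_hash_hits(line):
    """Return (algo, digest) for every known sample hash present in the line."""
    hits = []
    for token in HEX_RE.findall(line):
        algo = HEX_LEN_TO_ALGO.get(len(token))
        if algo and token.lower() == SAMPLE_HASHES[algo]:
            hits.append((algo, token.lower()))
    return hits


def find_c2_hits(line):
    """True if the line records a connection to the extracted C2 endpoint.

    The port must match as well: a bare IP hit on a shared hoster is much
    weaker evidence than the exact ip:port pair pulled from the config."""
    for ip, port in ENDPOINT_RE.findall(line):
        if ip == C2_HOST and int(port) == C2_PORT:
            return True
    return False


def sweep(lines):
    """Classify each log line; returns a list of (line_no, kind, detail)."""
    findings = []
    for n, line in enumerate(lines, 1):
        for algo, _digest in find_hash_hits(line):
            findings.append((n, "hash", algo))
        if find_c2_hits(line):
            findings.append((n, "c2", f"{C2_HOST}:{C2_PORT}"))
    return findings


# Constructed sample input (not real telemetry).
CONSTRUCTED_LOGS = [
    # Zeek conn.log style: ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto
    "1653264012.412 CmXyz 10.20.0.14 51234 193.106.191.182 23196 tcp",
    # Same remote IP, different port: not the endpoint from the config
    "1653264015.001 CmXyw 10.20.0.14 51240 193.106.191.182 443 tcp",
    # Sysmon Event ID 1 text export carrying the dropped file's hashes
    "Image: C:\\Users\\alice\\Downloads\\setup.exe Hashes: "
    "MD5=1D85B4A92BED676D6C22204FA11BE8D7,"
    "SHA256=BB00B614F671754F82324228AEE510DD81D2DC13A3016DF618AD134656A41A48",
    # Unrelated connection
    "1653264020.777 CmXza 10.20.0.14 51250 142.250.74.78 443 tcp",
]

if __name__ == "__main__":
    for line_no, kind, detail in sweep(CONSTRUCTED_LOGS):
        print(f"line {line_no}: {kind} match ({detail})")
```

Hash matching is case-insensitive because Sysmon and many EDRs emit upper-case digests while sandbox reports use lower-case. The endpoint check deliberately requires the port from the extracted config; the IP alone is a weaker pivot and should be checked against the hoster's range before blocking.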
Targets
Target: bb00b614f671754f82324228aee510dd81d2dc13a3016df618ad134656a41a48 (SHA256), 384KB; MD5, SHA1 and SHA512 as listed under General.
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020. Each build is tied to its operator's panel; the C2 endpoint and auth_value extracted above identify this build.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (the subkeys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, plus the WOW6432Node view on 64-bit hosts) to enumerate installed software. Reading these keys is also normal for installers and inventory agents, so this behaviour is supporting evidence only; the C2 connection and the file hashes are the actionable indicators.