General
-
Target
eb9d6fec460b37530335ebdf91025d5e.exe
-
Size
413KB
-
Sample
220524-kzfhpsgdh7
-
MD5
eb9d6fec460b37530335ebdf91025d5e
-
SHA1
a25a75fb69b0173c75292bb76c65e524df295bbe
-
SHA256
62c0f4bd6f59f420b403da7d3bad9a48ff3857c56c386e8220ee2c6f6ca18449
-
SHA512
5fe4cfa5e3874665504641b2b1e5f6df69f3be2f33561efcd1e72957cff7a52a1074e19eac925ce463e14f8b3517ee7785a108704ca6254c679d82ab28b1922d
Static task
static1
Behavioral task
behavioral1
Sample
eb9d6fec460b37530335ebdf91025d5e.exe
Resource
win7-20220414-en
Malware Config
Extracted
redline
redline
193.106.191.225:15304
-
auth_value
7357e43942d666e37ce6cba9e0dcacd9
Targets
-
-
Target
eb9d6fec460b37530335ebdf91025d5e.exe
-
Size
413KB
-
MD5
eb9d6fec460b37530335ebdf91025d5e
-
SHA1
a25a75fb69b0173c75292bb76c65e524df295bbe
-
SHA256
62c0f4bd6f59f420b403da7d3bad9a48ff3857c56c386e8220ee2c6f6ca18449
-
SHA512
5fe4cfa5e3874665504641b2b1e5f6df69f3be2f33561efcd1e72957cff7a52a1074e19eac925ce463e14f8b3517ee7785a108704ca6254c679d82ab28b1922d
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-