General
-
Target
19f7fd710ee944e138057fd178ddfc94.exe
-
Size
397KB
-
Sample
220524-l43dpsgga7
-
MD5
19f7fd710ee944e138057fd178ddfc94
-
SHA1
cfb6d6686c2b894c6672e9b00b3ca43cddfc7cc8
-
SHA256
959c0ef7180f57d3159570b691671e9a51833c193d9727d374d7965740fb0b57
-
SHA512
b3a9f2f5a3ccb770d63d6e7edfefabd1390433329ab7da84125cc875ad277d36cdf18558258a9d6b9301a1d6c5a85c825419946ab047516595f069d4f154a2d2
Static task
static1
Behavioral task
behavioral1
Sample
19f7fd710ee944e138057fd178ddfc94.exe
Resource
win7-20220414-en
Malware Config
Extracted
redline
top
185.215.113.75:81
-
auth_value
ff6259bc2baf33b54b454aad484fb0ee
Targets
-
-
Target
19f7fd710ee944e138057fd178ddfc94.exe
-
Size
397KB
-
MD5
19f7fd710ee944e138057fd178ddfc94
-
SHA1
cfb6d6686c2b894c6672e9b00b3ca43cddfc7cc8
-
SHA256
959c0ef7180f57d3159570b691671e9a51833c193d9727d374d7965740fb0b57
-
SHA512
b3a9f2f5a3ccb770d63d6e7edfefabd1390433329ab7da84125cc875ad277d36cdf18558258a9d6b9301a1d6c5a85c825419946ab047516595f069d4f154a2d2
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-