General
Target: 4394012805f8458c29b800a8d71dad900784a75ad2eac270b34607a0c97948d6
Size: 407KB
Sample: 220524-la97fsbhbp
MD5: 7a40ab6b531b9442fd02eb1d832cd2dc
SHA1: b209af2e49ac61222763d3cec9f6941fbbb54c21
SHA256: 4394012805f8458c29b800a8d71dad900784a75ad2eac270b34607a0c97948d6
SHA512: 01bfdc13b8ddf96fd3aa4a744d44f80fb008b77c77ef0d6917d4aeec2ff3db95069e0666375be3abaa71887160a8306cad91407e65a365511d6fc38175bb8e09
Static task: static1

Malware Config
Extracted: redline
193.106.191.225:15304
auth_value: 7357e43942d666e37ce6cba9e0dcacd9
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.