General

Target: 1c89ef56b6377d88737f9afaa344f0f729476691aefdefe556162b6673f93499
Size: 379KB
Sample: 220525-nlnhyaeacj
MD5: c5cd7a1ca416f2069374d6822a4eebc0
SHA1: 5d4e54038d6fcef1efba3969a8f40fef3af6fee7
SHA256: 1c89ef56b6377d88737f9afaa344f0f729476691aefdefe556162b6673f93499
SHA512: 580c937ff6e21714b9cf602204c3d0a275b4f44db1bc42af77fc0cd59a93bf253607860aff2959d28809c962fd70b70a81a7761ce6480b7218414ef88b54ae75
Static task: static1
Malware Config

Extracted family: redline
top (C2): 185.215.113.75:81
auth_value: ff6259bc2baf33b54b454aad484fb0ee
Targets

Target: 1c89ef56b6377d88737f9afaa344f0f729476691aefdefe556162b6673f93499
Size: 379KB
MD5: c5cd7a1ca416f2069374d6822a4eebc0
SHA1: 5d4e54038d6fcef1efba3969a8f40fef3af6fee7
SHA256: 1c89ef56b6377d88737f9afaa344f0f729476691aefdefe556162b6673f93499
SHA512: 580c937ff6e21714b9cf602204c3d0a275b4f44db1bc42af77fc0cd59a93bf253607860aff2959d28809c962fd70b70a81a7761ce6480b7218414ef88b54ae75

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
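The indicators above (the four file digests and the extracted C2 endpoint 185.215.113.75:81) are the parts of this report a responder actually acts on. The following script is an added example, not part of the sandbox report or of any tooling it describes: it turns those values into a reusable matcher that hashes a file and reports which digests agree with the report, and scans connection log lines for traffic to the C2 host. The log lines and the line format ("timestamp src:port -> dst:port proto") are constructed for the example; the hash and C2 values are copied from the report.

```python
import hashlib
import re
from typing import Dict, Iterable, List, Optional, Tuple

# Indicators copied from the report above.
SAMPLE_HASHES: Dict[str, str] = {
    "md5": "c5cd7a1ca416f2069374d6822a4eebc0",
    "sha1": "5d4e54038d6fcef1efba3969a8f40fef3af6fee7",
    "sha256": "1c89ef56b6377d88737f9afaa344f0f729476691aefdefe556162b6673f93499",
    "sha512": "580c937ff6e21714b9cf602204c3d0a275b4f44db1bc42af77fc0cd59a93bf25"
              "3607860aff2959d28809c962fd70b70a81a7761ce6480b7218414ef88b54ae75",
}
C2_HOST = "185.215.113.75"
C2_PORT = 81


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute every digest type the report lists, for an in-memory blob."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Same as hash_bytes but streams a file so large samples do not load into memory."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_sample(hashes: Dict[str, str]) -> List[str]:
    """Return the digest names that equal the report's values (case-insensitive).

    A partial match list (e.g. only "md5") means a collision or a bad IOC entry
    and should be treated as suspicious rather than as confirmation.
    """
    return [name for name, value in hashes.items()
            if SAMPLE_HASHES.get(name) == value.lower()]


def classify_connection(dst_ip: str, dst_port: int) -> Optional[str]:
    """Exact IP:port is the extracted C2; the same host on another port is still
    worth a look, because the report only proves the one endpoint it extracted."""
    if dst_ip != C2_HOST:
        return None
    return "c2" if dst_port == C2_PORT else "c2-host"


# Constructed log format for the example: "<ts> <src>:<sport> -> <dst>:<dport> <proto>"
_CONN_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)\s+(?P<proto>\S+)"
)


def find_c2_hits(lines: Iterable[str]) -> List[Tuple[int, str]]:
    """Parse each line as a connection record and return (line_index, verdict)
    for every line whose destination is the C2 host. Fields are parsed rather
    than substring-searched so "185.215.113.7" or "185.215.113.750" cannot
    produce a false hit."""
    hits: List[Tuple[int, str]] = []
    for idx, line in enumerate(lines):
        m = _CONN_RE.match(line.strip())
        if not m:
            continue  # unparseable line: skip, do not guess
        verdict = classify_connection(m.group("dst"), int(m.group("dport")))
        if verdict:
            hits.append((idx, verdict))
    return hits


# Constructed sample log (not from the report): one exact C2 hit, one same-host
# hit on a different port, one benign line, and one near-miss IP.
SAMPLE_LOG = [
    "2022-05-25T10:01:03Z 10.0.0.5:49712 -> 185.215.113.75:81 TCP",
    "2022-05-25T10:01:04Z 10.0.0.5:49713 -> 142.250.74.78:443 TCP",
    "2022-05-25T10:02:11Z 10.0.0.7:51020 -> 185.215.113.75:443 TCP",
    "2022-05-25T10:02:12Z 10.0.0.7:51021 -> 185.215.113.7:81 TCP",
]

if __name__ == "__main__":
    for idx, verdict in find_c2_hits(SAMPLE_LOG):
        print(f"{verdict}: {SAMPLE_LOG[idx]}")
    # Usage against a real file: print(matches_sample(hash_file("suspect.exe")))
```

When hunting with this, remember that the hashes identify only this exact build; RedLine samples are repacked frequently, so the C2 host and the auth_value from the config block are the more durable indicators.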