General
- Target: e05d9e7b6585e495ecbee84b4ad65e4dfcc812bd3e2a9d5c8d9dfb29472bcd4f
- Size: 391KB
- Sample: 220525-ww3dvagbek
- MD5: 864ec1afdc65feb89684ea223a0b9918
- SHA1: 7849116ad092c0aac53e44e1c1998a0197f4da26
- SHA256: e05d9e7b6585e495ecbee84b4ad65e4dfcc812bd3e2a9d5c8d9dfb29472bcd4f
- SHA512: 8bac0584de8fe07b268afaa1bf52a66e2cc9e47263eab080f02030bbf380f6be2f6dee7f14b38b17f938079e3a7229d93495f6382f2bcc56fd29921da3066dea
Static task
- static1

Malware Config
Extracted
- Family: redline
- top: 185.215.113.75:81
- auth_value: ff6259bc2baf33b54b454aad484fb0ee
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.