General
Target: ae41e7002b61b2ae16445dcc224f835a1cb6a4105291ee36c8d0dcf5ad88e206
Size: 391KB
Sample: 220525-zf8sgadag3
MD5: 8d4a4c7a88faa25060ec0c5f7a9da42d
SHA1: 8e799106e4940c06376f4e541f2e54f321f14dd4
SHA256: ae41e7002b61b2ae16445dcc224f835a1cb6a4105291ee36c8d0dcf5ad88e206
SHA512: e9c26c8bc22ffb633d8b6f9196ce5982dd02c95ed64652f8eebbb39cdd8df7330d471532a3cbd7efe4716e9f2fd878d31e622d5ba0bb9db488facbd5e4b01720
Static task: static1

Malware Config
Extracted
Family: redline
Botnet: top
C2: 185.215.113.75:81
auth_value: ff6259bc2baf33b54b454aad484fb0ee
Targets
Target: ae41e7002b61b2ae16445dcc224f835a1cb6a4105291ee36c8d0dcf5ad88e206 (391KB; MD5, SHA1, SHA256 and SHA512 as listed under General above)
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting.
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.