General
Target: 99f4f546811087774163898fae157cff774ae680ae2e94c900abe42a83561cb5
Size: 406KB
Sample: 220526-bqhf9sbagj
MD5: 50810e1fbd13eee662ff14dcdff38356
SHA1: 5483f10e02064ae0258070c25e50aef5e3ef64cc
SHA256: 99f4f546811087774163898fae157cff774ae680ae2e94c900abe42a83561cb5
SHA512: 1a4e2f5e8dffc8b49b1d5842bcfac7f663668673f92357dd04dd8c7a243ab0314f963b35b19ab89c0c9699abf0a8acc7a5201f860434eb16171e365dad5446a3
Static task: static1
Malware Config
Extracted
redline
top
185.215.113.75:81
auth_value: ff6259bc2baf33b54b454aad484fb0ee
Targets
Target: 99f4f546811087774163898fae157cff774ae680ae2e94c900abe42a83561cb5
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.