General
Target: 125257d740be6598b7586754962c2d62c849e49a1da8f5b1aa1dffafe2f41000
Size: 418KB
Sample: 220527-dkwstagee9
MD5: 069f35c13dd8d8076821dccf658bcc1c
SHA1: ce3d47c00048c075cc57dd13426e8d3dcabe2eed
SHA256: 125257d740be6598b7586754962c2d62c849e49a1da8f5b1aa1dffafe2f41000
SHA512: 4eb3c3d6b5d67fb6f197da12536e87aee6c505c2a6f50dea8475703bc38f08e627d5f2e7870d5b1bad0f391904ae006abae0b36435f7b35835217d0401cbc049

Static task: static1
Behavioral task: behavioral1
Sample: 125257d740be6598b7586754962c2d62c849e49a1da8f5b1aa1dffafe2f41000.exe
Resource: win10-20220414-en

Malware Config
Extracted: redline
  RuzkiUNIKALNO
  193.233.48.58:38989
  auth_value: c504b04cfbdd4bf85ce6195bcb37fba6
Targets
Target: 125257d740be6598b7586754962c2d62c849e49a1da8f5b1aa1dffafe2f41000 (418KB; MD5, SHA1, SHA256 and SHA512 as listed under General)

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.