General
Target: 033502b09209cef3f5cd3751d67a6db79bc68cdcdba11c3d1b7d00b119eb2f2a
Size: 406KB
Sample: 220527-sejnmafedj
MD5: 3c0ba66cde32f31d8dca6528e71e57f1
SHA1: e45c771572645ec7761091644872a30d68a19117
SHA256: 033502b09209cef3f5cd3751d67a6db79bc68cdcdba11c3d1b7d00b119eb2f2a
SHA512: bcd80732168278b61c78215be9a356d1c2ffc221fabc24b82431f86b4ff6f573c8f4a73ffe59e7c06ca192b121fbb0854a51e295568f1706168f044a3cff3ab4
Static task
static1
Malware Config
Extracted
redline
top
185.215.113.75:81
-
auth_value: ff6259bc2baf33b54b454aad484fb0ee
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-