General
Target: 3fbdf844460430371300862dca04a638.exe
Size: 413KB
Sample: 220528-srbhsahack
MD5: 3fbdf844460430371300862dca04a638
SHA1: a05576b034ccea63dd56566cb313ad596a6f2331
SHA256: 9566ef0986d5c2065cddb538b348874c6c460b9d13f017aca76d2fb4e5ad061b
SHA512: e5fe393a66f661d362be87fffff3563dcaac417c3e5ecfabb59fbe8a75c74361168a1edba780ae59f3b525176be76dbd979dc589022930b5c56d37d7c0e36b55

Static task: static1
Behavioral task: behavioral1
Sample: 3fbdf844460430371300862dca04a638.exe
Resource: win7-20220414-en
Malware Config
Extracted
redline
top
185.215.113.75:81
auth_value: ff6259bc2baf33b54b454aad484fb0ee
Targets
Target: 3fbdf844460430371300862dca04a638.exe
Size: 413KB
MD5: 3fbdf844460430371300862dca04a638
SHA1: a05576b034ccea63dd56566cb313ad596a6f2331
SHA256: 9566ef0986d5c2065cddb538b348874c6c460b9d13f017aca76d2fb4e5ad061b
SHA512: e5fe393a66f661d362be87fffff3563dcaac417c3e5ecfabb59fbe8a75c74361168a1edba780ae59f3b525176be76dbd979dc589022930b5c56d37d7c0e36b55

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.