General
-
Target
60a0c40ccd86968b550cfc34927638b8
-
Size
412KB
-
Sample
220529-zrwbhsdgem
-
MD5
60a0c40ccd86968b550cfc34927638b8
-
SHA1
d904118a4d9e4bef0316927922872ca1cc53ec8d
-
SHA256
121873343a2752cdfce8f990986da1fd6e05883b44e62bfd0639a7508c58e387
-
SHA512
58d7587540aa51d593b3717bc7c0ddf22e73f628694540a3343fc1f33e52a54630b8a88d043c0e9cffb7e14269565b3ae01d55725f9ab5f6b8315ecbff54fb4a
Static task
static1
Behavioral task
behavioral1
Sample
60a0c40ccd86968b550cfc34927638b8.exe
Resource
win7-20220414-en
Malware Config
Extracted
redline
Lyla2
185.215.113.201:21921
-
auth_value
f3b96059847b054b3939cadefd4424ee
Targets
-
-
Target
60a0c40ccd86968b550cfc34927638b8
-
Size
412KB
-
MD5
60a0c40ccd86968b550cfc34927638b8
-
SHA1
d904118a4d9e4bef0316927922872ca1cc53ec8d
-
SHA256
121873343a2752cdfce8f990986da1fd6e05883b44e62bfd0639a7508c58e387
-
SHA512
58d7587540aa51d593b3717bc7c0ddf22e73f628694540a3343fc1f33e52a54630b8a88d043c0e9cffb7e14269565b3ae01d55725f9ab5f6b8315ecbff54fb4a
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-