General
Target: 337a22a21cb99f647b851c837185cc30449b904d3fad800220e4ce7d3cf73eea
Size: 420KB
Sample: 220530-hj2pwsffc5
MD5: 24654df971e40e5e18d37788fc77e747
SHA1: 99b5da87ee43947240823b3f94cf4c15b6c32a91
SHA256: 337a22a21cb99f647b851c837185cc30449b904d3fad800220e4ce7d3cf73eea
SHA512: 5db40781b5a4e27ffa984c9023cffd2489899faba05438f7629c96bc8ebda976c108ca1ad039bf905b4c1266741847c1ad80fbac8ed5376dea032d961ed6311c
Static task: static1
Behavioral task: behavioral1
Sample: 337a22a21cb99f647b851c837185cc30449b904d3fad800220e4ce7d3cf73eea.exe
Resource: win10-20220414-en

Malware Config
Extracted: redline
RuzkiUNIKALNO
193.233.48.58:38989
auth_value: c504b04cfbdd4bf85ce6195bcb37fba6
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.