General
Target: 205e14910235515a528a5439508d771bcd5f23f217cecec56538c17b5cb61dff
Size: 414KB
Sample: 220530-qe2hbscdcq
MD5: d88acea234db567fb1852c3a3f6de187
SHA1: 4ebcba46e6bf7609e37a2af7082d1d0089b51472
SHA256: 205e14910235515a528a5439508d771bcd5f23f217cecec56538c17b5cb61dff
SHA512: 6b12760e449412a51c5a7aeb96682a35d652fdde0976d25ddb19547c51cca6962eae19feaf1f6b7029120cf0ba6f7aa1da44eeaa74ba80293fe807c0dca9d9e7

Static task: static1
Behavioral task: behavioral1
Sample: 205e14910235515a528a5439508d771bcd5f23f217cecec56538c17b5cb61dff.exe
Resource: win10-20220414-en

Malware Config
Extracted
redline
RuzkiUNIKALNO
193.233.48.58:38989
auth_value: c504b04cfbdd4bf85ce6195bcb37fba6
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.