General
-
Target
1a8921c6f2a8f35048440df1c3811750e5f4c12cbb0725a3ed28f92cf71ed086
-
Size
391KB
-
Sample
220530-t2xdnsfhdm
-
MD5
1190d6ab1f84b511facfd1189b444f25
-
SHA1
48725077e415b2792ffc330a37784ae53a1c4850
-
SHA256
1a8921c6f2a8f35048440df1c3811750e5f4c12cbb0725a3ed28f92cf71ed086
-
SHA512
92bc4795a8c758e3b73f08374a9c8f06d0800781c1a959ef5c01f988227da550255a6bad1684cf536b88c2c707fad840bb5d05deb1cc248a5bfb25bc9ccb2d17
Static task
static1
Behavioral task
behavioral1
Sample
1a8921c6f2a8f35048440df1c3811750e5f4c12cbb0725a3ed28f92cf71ed086.exe
Resource
win10-20220414-en
Malware Config
Extracted
Family
redline
-
Botnet
RuzkiUNIKALNO
-
C2
193.233.48.58:38989
-
auth_value
c504b04cfbdd4bf85ce6195bcb37fba6
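The hashes and C2 endpoint above are the indicators an analyst actually acts on: confirm that a file on disk is this sample, and look for hosts that talked to the C2. The block below is an added example and is not part of the sandbox report: it copies the report's MD5/SHA-1/SHA-256 values and the `193.233.48.58:38989` C2 into a small IOC set, hashes a byte string the way one would hash a suspect file, parses the C2 into host and port, emits a Suricata rule for the network team, and scans firewall log lines for hits. The log lines and the `key=value` log layout are constructed for the example; the rule's `sid` value is an arbitrary local choice.

```python
"""Match this RedLine report's IOCs against file contents and firewall logs.

Added example, not part of the sandbox report. Hash and C2 values are copied
from the report; the file bytes and log lines are constructed for illustration.
"""
import hashlib
import ipaddress
import re

# IOCs copied from the report above.
IOCS = {
    "md5": "1190d6ab1f84b511facfd1189b444f25",
    "sha1": "48725077e415b2792ffc330a37784ae53a1c4850",
    "sha256": "1a8921c6f2a8f35048440df1c3811750e5f4c12cbb0725a3ed28f92cf71ed086",
    "c2": "193.233.48.58:38989",
}


def hash_file_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256 hex digests of a byte string (e.g. open(p, 'rb').read())."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ("md5", "sha1", "sha256")}


def matches_sample(data: bytes, iocs: dict = IOCS) -> bool:
    """True if the bytes are the reported sample.

    Only SHA-256 is authoritative; MD5 and SHA-1 are collision-prone and are kept
    in the IOC set purely as a cross-check against older tooling or feeds."""
    return hash_file_bytes(data)["sha256"] == iocs["sha256"]


def parse_c2(c2: str) -> tuple:
    """Split 'host:port' into (host, int port); raises ValueError if host is not an IP literal."""
    host, port = c2.rsplit(":", 1)
    ipaddress.ip_address(host)
    return host, int(port)


def suricata_rule(c2: str, sid: int = 9000001) -> str:
    """Build a Suricata alert for outbound connections to the C2 (sid is a local, arbitrary value)."""
    host, port = parse_c2(c2)
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"RedLine Stealer C2 (RuzkiUNIKALNO) connection"; '
        f"flow:to_server,established; classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


# Constructed firewall log lines (not from the report) in a simple key=value layout.
SAMPLE_LOGS = """\
2022-05-30T10:01:02Z src=10.0.0.15 dst=193.233.48.58 dport=38989 proto=tcp action=allow
2022-05-30T10:01:03Z src=10.0.0.15 dst=193.233.48.58 dport=443 proto=tcp action=allow
2022-05-30T10:01:04Z src=10.0.0.22 dst=93.184.216.34 dport=80 proto=tcp action=allow
"""

LOG_RE = re.compile(r"dst=(?P<dst>\S+)\s+dport=(?P<dport>\d+)")


def find_c2_hits(log_text: str, c2: str = IOCS["c2"]) -> list:
    """Return (confidence, line) pairs for log lines touching the C2 host.

    'high'   : destination host and port both match the extracted config.
    'medium' : host matches but on another port; operators rotate ports, so this
               is worth triage but is not proof on its own."""
    host, port = parse_c2(c2)
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m or m.group("dst") != host:
            continue
        confidence = "high" if int(m.group("dport")) == port else "medium"
        hits.append((confidence, line))
    return hits


if __name__ == "__main__":
    print(suricata_rule(IOCS["c2"]))
    for confidence, line in find_c2_hits(SAMPLE_LOGS):
        print(confidence, line)
```

Matching on the bare IP is deliberately reported at lower confidence: the extracted config pins one port, but RedLine operators change ports and re-use hosts, so a host-only hit is a lead for triage rather than a confirmed infection.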
Targets
-
-
Target
1a8921c6f2a8f35048440df1c3811750e5f4c12cbb0725a3ed28f92cf71ed086
-
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first observed in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Enumerates the subkeys of the Uninstall registry key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart for 32-bit software, and the HKCU equivalent) to build an inventory of installed software on the system.
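To see exactly what a stealer obtains from this enumeration, it helps to read the Uninstall key the way the malware does: each subkey is one installed program, and the DisplayName, DisplayVersion and Publisher values are the inventory. The block below is an added example, not code from the report or from RedLine: it parses a `reg export`-style text dump of the Uninstall keys (the `.reg` content is constructed for the example, including the program names and versions) and returns the software list, including entries marked `SystemComponent=1`, which Windows hides from "Apps & features" but which are still present in the key and therefore visible to anything reading it.

```python
"""Reconstruct the installed-software inventory a stealer gets from the Uninstall key.

Added example, not from the report. Parses Windows Registry Editor 5.00 (.reg)
export text offline; the SAMPLE_REG content below is constructed.
"""
import re

# Registry paths enumerated for installed software: 64-bit and 32-bit views under
# HKLM, plus per-user installs under HKCU.
UNINSTALL_KEYS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
)

# Constructed `reg export` output (not a real host); versions are illustrative only.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip]
"DisplayName"="7-Zip 21.07 (x64)"
"DisplayVersion"="21.07"
"Publisher"="Igor Pavlov"
"InstallLocation"="C:\\Program Files\\7-Zip\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-000000000001}]
"DisplayName"="Example PDF Reader"
"DisplayVersion"="22.1.0"
"Publisher"="Example Publisher"
"SystemComponent"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KeePass]
"DisplayName"="KeePass Password Safe 2.50"
"DisplayVersion"="2.50"
"Publisher"="Dominik Reichl"
'''

STRING_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<value>.*)"$')
DWORD_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<value>[0-9a-fA-F]{8})$')


def _unescape(s: str) -> str:
    """Undo .reg string escaping: backslash-backslash -> backslash, backslash-quote -> quote."""
    out, i = [], 0
    while i < len(s):
        if s[i] == "\\" and i + 1 < len(s):
            out.append(s[i + 1])
            i += 2
        else:
            out.append(s[i])
            i += 1
    return "".join(out)


def parse_reg_export(text: str) -> dict:
    """Parse .reg text into {key_path: {value_name: value}} (REG_SZ and REG_DWORD only)."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys[current] = {}
            continue
        if current is None:
            continue
        m = STRING_VALUE_RE.match(line)
        if m:
            keys[current][m["name"]] = _unescape(m["value"])
            continue
        m = DWORD_VALUE_RE.match(line)
        if m:
            keys[current][m["name"]] = int(m["value"], 16)
    return keys


def installed_software(reg_text: str, include_hidden: bool = True) -> list:
    """Return sorted (DisplayName, DisplayVersion, Publisher, parent_key) tuples.

    Only direct subkeys of an Uninstall key that carry a DisplayName count as
    programs. SystemComponent=1 entries are hidden by the Windows Apps list but are
    still readable, so a stealer sees them; include_hidden=False mimics the UI view."""
    inventory = []
    for path, values in parse_reg_export(reg_text).items():
        parent, _, subkey = path.rpartition("\\")
        if parent not in UNINSTALL_KEYS or not subkey or "DisplayName" not in values:
            continue
        if values.get("SystemComponent") == 1 and not include_hidden:
            continue
        inventory.append((values["DisplayName"], values.get("DisplayVersion", ""),
                          values.get("Publisher", ""), parent))
    return sorted(inventory)


if __name__ == "__main__":
    for name, version, publisher, source in installed_software(SAMPLE_REG):
        print(f"{name:<30} {version:<10} {publisher:<22} {source}")
```

On a live Windows host the same data comes from `winreg.OpenKey`/`EnumKey` over the three paths in `UNINSTALL_KEYS`; parsing an export keeps the example runnable anywhere and is also how you would review a victim's registry collected during incident response. Note that the inventory tells the operator which password managers, wallets and security products are present, which is why this signature sits next to the credential and wallet access one.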
-