General

Target: 1125e5bfe6f54f83f9dbb65a356d36d64e628a58ded1e77b151b9c55c4de8019
Size: 319KB
Sample: 220531-1w1mgagecj
MD5: 7b402c2a25f46ca1a31ab44ead1da47f
SHA1: 02361bd956b0dfd4f0066d2e30c3fa2a29c934cb
SHA256: 1125e5bfe6f54f83f9dbb65a356d36d64e628a58ded1e77b151b9c55c4de8019
SHA512: 253fd875523d84c70b6bc2d9597caa796a25d229681b22585eaf4717b2a379bfaa025b47f760a2be09808ab75799077e4008ad6c575041757a9949f070535632

Static task: static1
Behavioral task: behavioral1
Sample: 1125e5bfe6f54f83f9dbb65a356d36d64e628a58ded1e77b151b9c55c4de8019.exe
Resource: win10-20220414-en

Malware Config

Extracted
Family: redline
Botnet: RuzkiUNIKALNO
C2: 193.233.48.58:38989
auth_value: c504b04cfbdd4bf85ce6195bcb37fba6
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.