General
Target: 1f661beaf79adbfde9f3116041daf69f6c743ab2338d0ecf9d552b454c726b4f
Size: 318KB
Sample: 220531-fx2kyaahfn
MD5: fc773dbcf336e7284ed618beaf3a31e6
SHA1: 69ab27d55a836009f3ae267b10fa67fbbc6076b9
SHA256: 1f661beaf79adbfde9f3116041daf69f6c743ab2338d0ecf9d552b454c726b4f
SHA512: 339077c3668c67c704e93b2d77525baeae223c4c585c0421f94d7ffa365d02e8c98eec573bc9363f01286cd7f6d8b2b16d999f3c5a5d65c80acf3a4686a1fa2e
Static task: static1
Behavioral task: behavioral1
Sample: 1f661beaf79adbfde9f3116041daf69f6c743ab2338d0ecf9d552b454c726b4f.exe
Resource: win10-20220414-en
Malware Config
Extracted family: redline
Botnet: RuzkiUNIKALNO
C2: 193.233.48.58:38989
auth_value: c504b04cfbdd4bf85ce6195bcb37fba6
Targets
Target: 1f661beaf79adbfde9f3116041daf69f6c743ab2338d0ecf9d552b454c726b4f
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.