General
-
Target
8412cbe94182692e68eb7aa62c5b0eb7f550a44438f89699a97969779c12ef3a
-
Size
386KB
-
Sample
220601-1dyedsfcan
-
MD5
f460fa95edf4b247c957aa246825948a
-
SHA1
fd3f666b9385e447d9f5885bdce01cb62034cb03
-
SHA256
8412cbe94182692e68eb7aa62c5b0eb7f550a44438f89699a97969779c12ef3a
-
SHA512
d968470c301ef4ffcf0bf2c260bb92a08eac57728612d21d89a4add14a697710a87ebfc163a19171b18f2922ba829660ee2a402099c3a3331fc99d6483dfa195
Static task
static1
Malware Config
Extracted
redline
mx
193.106.191.222:23196
-
auth_value
8cfa634189948115f1f5e1900e4b66b6
Targets
-
Target
8412cbe94182692e68eb7aa62c5b0eb7f550a44438f89699a97969779c12ef3a
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-