General
Target: 0eb705226012aa44fd1279861fc5376530147a98ff3cf2d511208906bbbbc5e9
Size: 390KB
Sample: 220601-a64trsdfe3
MD5: 9d293475dc033c6916e6da15d375d188
SHA1: 379de7cac7245bb0218d4d7a62dd90645b1c1360
SHA256: 0eb705226012aa44fd1279861fc5376530147a98ff3cf2d511208906bbbbc5e9
SHA512: ba8cf6a6b2117fa9b282daac10b90c52bd458eb56803e9a452d54795d11522d3464f3e95bc008317cd7df2fa8795f1f0bf8728fd441526eb7f7a101ef677a533
Static task: static1
Behavioral task: behavioral1
Sample: 0eb705226012aa44fd1279861fc5376530147a98ff3cf2d511208906bbbbc5e9.exe
Resource: win10-20220414-en
Malware Config
Extracted: redline
RuzkiUNIKALNO
193.233.48.58:38989
auth_value: c504b04cfbdd4bf85ce6195bcb37fba6
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.