General
Target: afbf13e1e35b07e5f18723f6218775901fa197b49a0c1214c5260e4c4fae0f00
Size: 391KB
Sample: 220601-apgmxahahm
MD5: 56355c21280ca22b05a854a5674078ed
SHA1: a02ecfbc09a65fc2a78493722a739faa4f410cc2
SHA256: afbf13e1e35b07e5f18723f6218775901fa197b49a0c1214c5260e4c4fae0f00
SHA512: 27db5c25008063785177a17368889c936fef83bbc8da67e594866d683e0894edba4e3967059a102457aad10bfdfc683f6152d5f591bf92dee536aeb87c4ab75c
Static task: static1
Behavioral task: behavioral1
Sample: afbf13e1e35b07e5f18723f6218775901fa197b49a0c1214c5260e4c4fae0f00.exe
Resource: win10-20220414-en
Malware Config
Extracted: redline
RuzkiUNIKALNO
193.233.48.58:38989
auth_value: c504b04cfbdd4bf85ce6195bcb37fba6
Targets
Target: afbf13e1e35b07e5f18723f6218775901fa197b49a0c1214c5260e4c4fae0f00
Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.