General
Target: b3e2481f1fb8659ff720ebbcc871b62c3c37bd1856f5f70bd249f09cb42dd99f
Size: 382KB
Sample: 220603-ks7cvahggj
MD5: fa8629756835908dcdc95d9e1e55bb50
SHA1: 4364f580b3bad3103956b59ad120d2d9416a9127
SHA256: b3e2481f1fb8659ff720ebbcc871b62c3c37bd1856f5f70bd249f09cb42dd99f
SHA512: ea40ebd8d831ee81c29837eb7c4aa154afafb0dcdf22d9ba835214b2591510d03ebde2e3c48a71b1c0c8b4facbca2fb9283ef92f80f79803138cd202d91f624f
Static task
static1
Malware Config
Extracted
redline
mx
193.106.191.222:23196
auth_value: 8cfa634189948115f1f5e1900e4b66b6
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.