General
Target: e448f28c2801f08e13c9d3454e704c9452d4b9930295be4b1d9d7326f3f34820
Size: 411KB
Sample: 220603-mj79wsece2
MD5: 10a32959617bbd7de8c8d82b8f6da5eb
SHA1: 17079b00bfbbfd92938bb1054e34499b90dc77fb
SHA256: e448f28c2801f08e13c9d3454e704c9452d4b9930295be4b1d9d7326f3f34820
SHA512: b1954cefd73cce00c0c26cdaa45adf271e5dbc9fea1682c3937e09e6fa2a9d848b0126f17bbed60946248130b7f6739f2284c0fd039866aff731bcb3d389452f
Static task: static1
Malware Config
Extracted
redline
mx
193.106.191.222:23196
auth_value: 8cfa634189948115f1f5e1900e4b66b6
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.