General
- Target: 143c5e52816f413566fd8bea0921a5d55fe6fd2a7fe124a84f495e4fd67d4fff
- Size: 315KB
- Sample: 220604-rcl6aseecn
- MD5: fb3dbd80372520bfac9d8b972c6c11af
- SHA1: 1baa722f62574d2f66e7f75bfbe3d9feafc358a0
- SHA256: 143c5e52816f413566fd8bea0921a5d55fe6fd2a7fe124a84f495e4fd67d4fff
- SHA512: 63e4938a813b9f93fc65af730550d47301d9cc73af3fd7e7c9569025864df1397f21815fcbb39834a844372c1a802418d05363917ba416eb317b83a528f86aa9
Static task: static1
Malware Config
- Extracted: redline
- mx: 193.106.191.222:23196
- auth_value: 8cfa634189948115f1f5e1900e4b66b6
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.