General
Target: aafd5d84fd0f99df9d49eac6cda00c1b08c24c4d1a3fce8d9f388fbde1a41f62
Size: 318KB
Sample: 220608-ckezmahhh5
MD5: 808f85f1ebf6d750b1a90b304f956d18
SHA1: 3cee26343babb05dca861510b4f5a72ee2463067
SHA256: aafd5d84fd0f99df9d49eac6cda00c1b08c24c4d1a3fce8d9f388fbde1a41f62
SHA512: 7f8077fbcffc26b9e1d75b52ca579e2d81c2426153e532d2942ce1523ba67d4058fd599ec3e0465378d63c3753e6be2fe298e243bcbd443623edfbde1b89eabf
Static task: static1
Malware Config
Extracted: redline
Lyla2
185.215.113.201:21921
auth_value: f3b96059847b054b3939cadefd4424ee
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.