General
Target: 42df2867c9087cf6977a1aa9302df5a30624d5e7a0304781ff3c33faf04316b8
Size: 390KB
Sample: 220616-z6938ahcap
MD5: 69b91164969cf4924ae41fd7cde5da96
SHA1: 96a097433dfdb43d1f1a92b28ff90083bc60d178
SHA256: 42df2867c9087cf6977a1aa9302df5a30624d5e7a0304781ff3c33faf04316b8
SHA512: 2f1a94a4222f395a82b489c78b06df7d06e202f1c40ad8437a5e339f2e1edf05e944207234584dcb52f19d0b23299f260d5680581a9cc2c0d27b31ed193142fa
Static task: static1
Malware Config
Extracted: redline
META: 193.106.191.245:23196
auth_value: 2ea67e19fe494687c77a179004b4a1c8
Targets
Target: 42df2867c9087cf6977a1aa9302df5a30624d5e7a0304781ff3c33faf04316b8
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.