General
Target: bc08a66b7ffb858c35346ba6bb18b102827081e8032e884abdecedc0fd0d38f5
Size: 305KB
Sample: 220617-2fdy7sgba7
MD5: af5ad1b7a6203bec529846f40d25777d
SHA1: ac37f742458d9ed5337c3d4eddcfb7c32d83c853
SHA256: bc08a66b7ffb858c35346ba6bb18b102827081e8032e884abdecedc0fd0d38f5
SHA512: 77428f7742501653210a832a978cab5ffb4ac8852c6f798c810909f85fb7344ff5a56b2c67840ef7ba6103389027485f800aa475e1926a04fc45389af729a908
Static task
static1
Malware Config
Extracted
redline
META
193.106.191.245:23196
auth_value: 2ea67e19fe494687c77a179004b4a1c8
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-