General
-
Target
8c0575bbf0921b7eb45f1683e47e020441a7b6b112f2d16e96163e6a37b2f1d8
-
Size
305KB
-
Sample
220617-xbtfwafec3
-
MD5
bc9c28575dc4d138d79aaa06c2136fb9
-
SHA1
ccab4aaff69151955b1bd9d31923a7c9216e57d2
-
SHA256
8c0575bbf0921b7eb45f1683e47e020441a7b6b112f2d16e96163e6a37b2f1d8
-
SHA512
753e755ce9e9a4039325c8680615e4bbc5cfa613c805f4422718e16636f00e5d98e047112a59d24431fd5ac62635961521d0cf18886f2d32a663b2800d329d4a
Static task
static1
Malware Config
Extracted
redline
META
193.106.191.245:23196
-
auth_value
2ea67e19fe494687c77a179004b4a1c8
Targets
-
-
Target
8c0575bbf0921b7eb45f1683e47e020441a7b6b112f2d16e96163e6a37b2f1d8
-
Size
305KB
-
MD5
bc9c28575dc4d138d79aaa06c2136fb9
-
SHA1
ccab4aaff69151955b1bd9d31923a7c9216e57d2
-
SHA256
8c0575bbf0921b7eb45f1683e47e020441a7b6b112f2d16e96163e6a37b2f1d8
-
SHA512
753e755ce9e9a4039325c8680615e4bbc5cfa613c805f4422718e16636f00e5d98e047112a59d24431fd5ac62635961521d0cf18886f2d32a663b2800d329d4a
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-