General
Target: 053f4aef48501429ac50f35b2ada7038c49a213df634b575306b33185c3b2d7f
Size: 422KB
Sample: 220619-dh5ypscfhr
MD5: d973d61195fe513559e6b85d6c4c3287
SHA1: d1adfcf7709215a8f8a67f5387fd01063dfe1159
SHA256: 053f4aef48501429ac50f35b2ada7038c49a213df634b575306b33185c3b2d7f
SHA512: 3091e65d6481b363256c29f7d3313e1a217047fab8af35240075c501125719d4014d8b263a4c5ad4fb51723a70393b25d66555f45bee5a18003a9ce349d0665c
Static task
static1
Malware Config
Extracted
redline
META
193.106.191.245:23196
auth_value: 2ea67e19fe494687c77a179004b4a1c8
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.