General
-
Target
65c2ea09836a08c9262eca1ad10c26c91ef9b80847334abc130781fd452c5641
-
Size
420KB
-
Sample
220619-r8lveaehfl
-
MD5
d0940a3bd28e2cde8ea6e47c9e6630c5
-
SHA1
36104916e32a58fdd31cb6fd75af9cb3445e0b53
-
SHA256
65c2ea09836a08c9262eca1ad10c26c91ef9b80847334abc130781fd452c5641
-
SHA512
835bb95bfd8b70238d6241a34d9469dfd1e967d5bc31b97f9ca01f6bb1a759db6bb345e57f303561b4f4438cc434bcdc3d6dfe317228470efea931cd664ff98a
Static task
static1
Malware Config
Extracted
redline
META
193.106.191.245:23196
-
auth_value
2ea67e19fe494687c77a179004b4a1c8
Targets
-
-
Target
65c2ea09836a08c9262eca1ad10c26c91ef9b80847334abc130781fd452c5641
-
Size
420KB
-
MD5
d0940a3bd28e2cde8ea6e47c9e6630c5
-
SHA1
36104916e32a58fdd31cb6fd75af9cb3445e0b53
-
SHA256
65c2ea09836a08c9262eca1ad10c26c91ef9b80847334abc130781fd452c5641
-
SHA512
835bb95bfd8b70238d6241a34d9469dfd1e967d5bc31b97f9ca01f6bb1a759db6bb345e57f303561b4f4438cc434bcdc3d6dfe317228470efea931cd664ff98a
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-